Password reset self-service

If the user cannot remember the password, a new password can be chosen with this self-service.

In order to do so, the user must usually provide (example):

●
The username or alias.
●
One of:

●
Have access to the email account linked with the account.
●
Have access to the mobile phone linked with the account.
●
Know the correct answers to previously recorded secret questions.

●
Optionally, a second authenticator factor (e.g. Airlock 2FA) is involved.

Security Advisory

Enabling the password reset self-service may reduce the security of the whole system. Please check the security requirements of your solution before enabling this feature.

Further information and links

●
Configuration in the Loginapp REST UI: 17.2.4.1. Password reset over Loginapp REST API
●
Configuration in the JSP-Loginapp: 17.4.1.1.2. Password reset-configuration (JSP-Loginapp)