The configuration of secret questions can be found here: MAIN SETTINGS >> Password Settings >> Reset Self-Service >> User Verification Type
Please refer to the documentation in the Config Editor for further up-to-date information about configuration.
The most important settings are part of the Secret Questions Settings.
The main configuration tasks are:
- Configure the set of questions
- Review security settings (Required Number Of Provisioned Answers, Allowed Number Of Attempts)
- Review Normalization policy
- Add or review translations for all configured questions (See Changing text elements - note that the translations must be available for both the Loginapp and the Adminapp).
To automatically activate secret questions for all newly inserted users (in Adminapp, REST API or Service or User Registration Self-Service), do the following:
- In the Config Editor, go to the User Persister plugin that is used to insert new users (this is usually: MAIN SETTINGS >> Data Sources >> User Data Sources).
- The configured User Persister plugin may provide Event Listener hooks (e.g. Database User Persister).
- If it supports event listeners, add the plugin New User Defaults Setter and configure it to enable secret questions
