Latest revision as of 16:49, 4 May 2018

1 Overview

bxp has the ability to allow system user to reset their password without going thought their system champion, provided one of the bxp Self Service Password Reset options are enabled for their instance of bxp. All Self Service Password Reset options must be enabled by the bxp operations team at All n One, request must be made through the System Champion/ Approved Contact for a system.

Self Service Options

• Security Questions

Note - Additional options are currently in development

2 Security Questions

This Self Service Password Reset option when enabled allows any user who has forgotten their password to log into the system provided that they answer two security questions, these security questions are chosen and answered by the user on the My Details page or can be set by a system admin through the edit user details page. Each user must select two questions from the below list of security questions:

• What is your mothers maiden name
• What is your fathers middle name
• In what city were you born
• What street did you grow up on
• What is your favorite movie
• What is your favorite holiday destination
• What was the make of your first car
• What is the name of your favorite pet
• What is the name of your first school
• What is the name of your first teacher

2.1 Using the engine

When this Self Service Password Reset option is enabled it can only be accessed through the login page of bxp, there will be a Forgot Password link that will display to the right hand side of the password box. To start the Forgot Password process simply click on this link, you will be redirected to the first stage in the Forgot Password process.

From here simply enter in your user name to the bxp system and simply click the Search User Account button at the bottom of the page. If bxp fines a matching account that has two security questions selected and two answers you will be presented on screen with your two security questions and two free text boxes so you can enter in your answers.

Please note that once you click on the Submit Security Questions button, provided that you answer the security questions correctly the user will be logged into bxp and will be presented with the Change My Password page. Once a user goes through the Self Service Password Reset engine they must change their password before they continue using bxp. Each user has five attempts at getting the security questions correct, after the fifth attempt the user account will be locked out of the system, once this happens the only way they can gain access to the system is to contact their system champion.

3 Case Sensitivity

It is possible to make the matching of answers a little easier for users but makes the system a little less secure. bxp has a setting called "Self Service Password Reminder case matching - Insensitive" which is visible in the system settings report System_Id_and_Master_Settings

The option can only be turned on by bxp staff and is set to False by default.

The engine takes the users typed in answers, removes all spaces and converts the text to lower case. It performs the same task to the values already stored for the user and then compares them. This gives maximum possibility of matching the values

To turn this feature on please contact support@bxpsoftware.com to have your settings changed for all users. This is an all users option only. Released as part of bxp Release 10 SER 2.