I work in a university environment and I'm working on getting FIM 2010 R2 SSPR set up to allow students and employees to register for and reset their own passwords, replacing an existing 10+ year old system. I've more or less identified how to
pre-register accounts with PowerShell using the same data we currently use for first-time use of accounts. Currently, first time users are asked for ID # (which they are provided ahead of time), last 4 digits of SSN and date of birth. My challenge
is that I'd like subsequent password resets to use a different set of questions (or at least potentially questions from a larger set than we pre-populated answers for). Does anybody have thoughts on how this might be accomplished? I'm open to reasonably
secure alternative suggestions as well.
↧
SSPR QA gates - how to force re-register if programatically registered?
↧