Strengthening security question and answers
ADSelfService Plus allows you to implement various controls to security questions and answers for improved user account security.
Most rules, though self-explanatory, are explained below:
-
Prevent a user from providing the same answer to multiple questions.
-
Prevent a user from using a word in the security question in their answers.
-
Display security questions one by one to users during authentication.
-
Display a random subset of security questions for user authentication.
-
Make security answers case-sensitive
-
Hide answers during self-service password reset/account unlock.