Modifying Multi Factor Authentication (MFA) Classes
Multi Factor Authentication (MFA) classes define how each user is verified when resetting their passwords. Users in a class with more control over the system might require more detailed verification than others.
To modify a Multi Factor Authentication (MFA) class, open the Work with P-R Classes screen (shown in Working with Password Reset Classes), type the digit 1 in the Opt field for that class, and press Enter.
The Modify P-R Class screen appears.
| Modify P-R Class Type choices, press Enter. P-R class . . . . . . . . . . *DFT Verification method . . . . . 0 0=None, 1=Once, 2=Split (Email+Cell) If 1, use . . . . . . . . . . E E=Email, C=Cell phone Number of private questions . 1 0-10 Perform . . . . . . . . . . . 1 1=New pwd, 2=Enable user, 9=Select Send password by . . . . . . E S=Screen, E=Email, C=Cell phone Password is valid for . . . . 999 1-999 minutes (999=*NOMAX) Private questions retries . . 0 0=*NOMAX Time interval after failed . 60 1-999 minutes (999=No Entry) Restrict Emails to domain(s). F3=Exit F12=Cancel |
Modify the values on the screen as follows:
P-R Class
The name of the Class.
Verification method
The method by which Multi Factor Authentication (MFA) sends verification codes to users with this class. The possible values are:
- 0: No verification code is sent
- 1: One verification code is sent by either email or SMS, as chosen in the next field.
- 2: The verification is sent partially by email and partially by SMS.
If 1, use the method by which Multi Factor Authentication (MFA) sends verification codes to users with this class if the Verification method is set to 1. Possible values are:
- E: Email (default value)
- C: Cell phone via SMS.
Number of private questions
The number of private questions that Multi Factor Authentication (MFA) asks the users after the initial confirmations. The questions are taken at random from those that the user enters via the Work with Persons for Password Reset screen. In addition to the standard questions, you can also add private questions to be asked for identification purposes.
Enter a number between 0 and 10. The default is 0, meaning that Password Reset will skip the personal questions.
Perform
The action that Multi Factor Authentication (MFA) takes by default. Possible values are:
- 1: New Password
- 2: Enable user
- 9: Select
Enter a number between 0 and 10. The default is 0, meaning that Password Reset will skip the personal questions.
Send password by
Set the method to send the new password to all Users with this Class.
- S: Screen
- E: Email (default value)
- C: Cell phone
Number of verifications
Set the number of times that users with this Class will have to verify the new password.
- 0=None (default value)
- 1=Once
- 2=Twice
Password is valid for
The time in minutes after which new temporary passwords for users in this class expire. The maximum time is 998 minutes (16 hours 38 minutes). If the value is set to 999, temporary passwords for this class never expire. The default value is 10.
Private Questions retries
The number of times that a user gets to retry entering the answer to a private question if it fails. If set to 0, there is no limit to the number of retries.
Time interval after failed
The number of minutes that a user must wait after entering the maxium number of failed responses before trying again.
The number can be between 0 and 998. A value of 999 means that there is no waiting time between failures.
Restrict emails by domain
The domains to which verification codes and new passwords can be sent. For example, they might be restricted to domains within the organization. If this field is left empty, the emails can go to any domain.
After entering the changed information for the class, press Enter. The Work with P-R Classes screen appears with the information for that class updated.