Backend runs the gamut. The one we use stores info in AD or ADLDS or a back end dB, we refused to update the AD schema for it so it's in ADLDS. There are also smaller solutions that are totally standalone or can plug into other IdM tools you already use.
Research Self Service Password Reset, AKA SSPR. WinITpro mag did a comparison/review in Dec 2011 to get some general ideas. -----Original Message----- From: Maglinger, Paul [mailto:[email protected]] Sent: Thursday, March 08, 2012 10:51 AM To: NT System Admin Issues Subject: Security questions to reset passwords, locked accounts, etc. When you register for online services, it seems that a lot more of them are now asking for security questions so that you can retrieve your password or unlock your account. Is anyone familiar with these systems and can give me a brief rundown on how they work? Are these typically 3rd party solutions or homegrown? Has anyone heard of using them in a business environment to automate the process of re-enabling locked out accounts and reset forgotten passwords? Or more basic yet, are these questions/answers typically stored in some type of database or as an object in AD? -Paul ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
