Introduction to Password recovery addon

What is password recovery?recovery addon?

The Password recovery ~~is an addon provides by Soffid. This~~ addon allows end users to ~~the end-users revover~~recover their passwords.

Soffid provides the funtionality that allows to config the password recovery depending on the bussiness needs and using different technical ~~solutions.~~solutions. The current available options are the following:

Email recovery
Questions and ~~Answers~~answers recovery
OTP recovery
SMS recovery

In addition, you can enable and use this option in several Soffid components.

Let's look at some use cases.

Use cases

Email recovery

When an ~~end-~~end user wants to recover his password with the email recovery method, Soffid will send an email with a PIN code to the ~~end-~~end user to recover his password.

The ~~end-~~end user must enter the PIN code and, if it is right, Soffid will display a window to write and cofirm the new password.

Please note that for this feature to work correctly, users' email addresses must be registered in Soffid.

Questions and Answersanswers recovery

When an ~~end-~~end user wants to recover his password with the Questions and Answers recovery method, Soffid will display a window to answer the questions configured previously by the ~~end-~~end user in the self service portal.

If the answers are rigth, Soffid will display a window to write and cofirm the new password.

~~Remember,~~Please itnote ~~will~~that befor ~~mandatory~~this feature to ~~config~~work correctly, the ~~Questions~~administrator ~~and~~must ~~Answers~~configure the questions in the Console and the end user must first complete the answers in the Identity Self ~~service~~Service ~~portal~~portal. ~~to use this recovery method. In other case,~~Otherwise, an error will be displayed and the ~~end-~~end user will ~~have~~need to contact ~~with~~ an administrator user.

OTP recovery

When an ~~end-~~end user wants to recover his password with the OTP recovery method, Soffid will display a window to enter the PIN code. The user will need to get the PIN code with an OTP application (Free Otp+, Google Authenticator and Microsoft Authenticator are the most used).

The ~~end-~~end user must enter the PIN code and, if it is right, Soffid will display a window to write and cofirm the new password.

~~Remember,~~Please itnote ~~will~~that bein ~~mandatory~~order to ~~config~~use this feature, the end user must first configure an OTP device in Soffid by registering the ~~Self~~OTP ~~service~~in ~~portal~~one toof ~~use~~the ~~this~~available ~~recovery~~OTP ~~method.~~applications. In other case, an error will be displayed and the ~~end-~~end user will have to contact with an administrator user.

For more information about the OTP method you can visit the Two factor authentication (2FA) book

SMS recovery

When an ~~end-~~end user wants to recover his password with the SMS recovery method, Soffid sends an SMS to the ~~end-~~end user with a PIN code to recover his password.

The ~~end-~~end user must to write the pin code and, if it is right, Soffid display a window to write and cofirm the new password.

Please note that the administrator must have previously configured an SMS gateway. Soffid does not have any preconfigured SCMS services by default; the customer must configure their own service.

ESSO

~~End-users~~Users ~~could~~who ~~recover~~have the ESSO component installed on their ~~passwords~~devices ~~using~~will ~~ESSO.~~also be able to use the password recovery feature.

Remember that in order to use this feature, the user must have ESSO installed and the administrator must have enabled this feature beforehand.

For more information about the ESSO you can visit the ESSO documentation.

Password Recovery questions

~~1. How long is a challenge/PIN valid?~~ ~~currently, it is 30 minutes.~~

~~2. How many times can a wrong PIN be entered?~~ ~~There is no limit~~

~~3. Do old challenges / PINs stay active when a new one is requested?~~ ~~Yes, they are active.~~