Discrepancy in Displayed Security Questions During Password Reset Process

Which IIQ version are you inquiring about?

Version 8.3

Please share any images or screenshots, if relevant.



Share all details related to your problem, including any error messages you may have received.

Description:
I’ve encountered an issue with the password reset process in our SailPoint IdentityIQ (IIQ) environment, specifically regarding the display of security questions. Here’s the scenario:

  1. Initial Login:

    • During the initial login process, users are prompted to answer a security question for authentication.
    • Upon providing the answer, the user successfully logs in.
  2. Forgot Password:

    • When attempting to reset the password by clicking on the “Forgot Password” tab during login, a new window pops up for the security question.
    • However, the question displayed in this window is different from the one the user answered during the initial login.
    • This discrepancy leads to confusion and may impact the user’s ability to successfully reset their password.

Configuration Details:

  • “Forget password” checkbox is enabled in Global Setting > Login Configuration > User Reset.
  • Number of questions asked to authenticate an identity: 1
  • Number of questions a user must answer for authentication: 1

Troubleshooting Steps Taken:

  • Verified the user’s profile settings and confirmed that the correct security question is associated with their account.
  • Reviewed the password reset flow configuration to ensure it’s set up correctly.
  • Checked UI customization settings to ensure the correct security question is being displayed.

Request for Explanation:
I’m seeking clarification on why a different security question is being displayed during the password reset process compared to the one answered during the initial login. Any insights or suggestions on resolving this issue would be greatly appreciated.

Thank you
Rohit

Hi Rohit,

What is the authentication source that you are using,Is it sailpoint internal DB or some other source?

Thanks

Hey @rohitmisal45 ,

This is normal. Theres is a shuffle in the questions to not show the same one everytime.

best

1 Like

Hello @ipobeidi,
I answered to a single question when I first logged in, so the same question should be asked when changing your password or if you forget it.

when you try to do Forgot Password

but if you have 3 questions its going to be pulled from this poll.

I have set a single question -

  • Number of questions asked to authenticate an identity: 1
  • Number of questions a user must answer for authentication: 1

Screenshot 2024-05-17 201128

Number of questions to “AUTHENTICATE” not Forget password.

You were asked 1 question to authenticate, but people can choose from 3 questions.