OTP PIN RESET FUNTIONALITY CHANGE

Idea created by narendra.pedapudi on Dec 17, 2014
    Not planned
    Score15

    Requirement: When end user resets PIN using Forgot my PIN option, He should be able to generate the OTP using old account in client software. i.e.,

    Present Scenerio

    1. User clicks on Forgot PIN
    2. User receives an security code on registered email
    3. User enters the Security code and recreates new PIN in the Secure Cloud server.

    UPTO THIS EVERYTHING IS FINE AS THIS IS HOW OTP SHOULD WORK BUT UNFORTUNATELY

    THE BELOW STEPS FOLLOWED ON.

    1. User receives OTP activation email
    2. User has to start from scratch and all the work done in the past must be reproduced,

    Instead we need

    1. User clicks on Forgot PIN
    2. User receives an security code on registered email
    3. User enters the Security code and recreates new PIN in the Secure cloud server.
    4. User enter new pin in client software (Here no need a new activation mail. Instead user enters the pin in old account)
    5. User login to environment using Username and OTP

     

    The OTP functionality should have no relation with the end users OTP software, except that the soft token is imported for the first time. The PIN should only be known to the WIC server, and if the passcode generated by the user using his client software matches that of server, then the user should be logged in.