Symantec IGA

  • Private Community

  • 1.  Masking Answers to Challenge/Response Questions

    Posted Oct 03, 2016 05:57 PM

    How do we configure CA Identity Manager to "mask" the answers users enter for their challenge questions, for example, as part of the self-registration process? Specifically, working with Identity Manager 12.6 SP4.

     

    Note: Initially, we just need to mask the answer the user is typing on screen similar to the way a entering a password is handled. Attempt to change the |Answer1| field type from Text to Password; however, that did not appear to change the way the answer is presented to the user.

    #challengeresponsequestions #challengeresponseanswers #selfregistration #forgottenpasswordreset



  • 2.  Re: Masking Answers to Challenge/Response Questions

    Posted Oct 03, 2016 06:18 PM

    Note: This question appears to be addressed in the Identity Manager tech note TEC448312. Will validate and post update.



  • 3.  Re: Masking Answers to Challenge/Response Questions

    Posted Oct 03, 2016 06:36 PM

    Note: The answers the the challenge questions are encrypted in the underlying CA Directory as described in tech note TEC448312; however, the answers still appears as plain text in the Identity Manager UI when running the Modify Profile task or, more importantly, Challenge Questions section of the the Self Registration profile screen.



  • 4.  Re: Masking Answers to Challenge/Response Questions
    Best Answer

    Posted Oct 03, 2016 07:17 PM

    Tech Note: TEC448312 describes how to encrypt the questions and answers in the directory. Changing the |Answer| field style to Password effectively masks the answer entered in the field. Normally, these two configuration changes would be implemented in injunction.