Re: Password Reset Self Service
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 8 Feb 2007 00:30:36 -0600
What sort of alternate authentication mechanism do you plan to use? Will
you use question/answer pairs or some form of stronger 2 factor auth? If
you use security questions, where will you store the answers? How will that
store stay synchronized with the directory? How will you keep that data
secure, given that it can be used to steal anyone's identity? How exact do
the answers have to be? Do users ever have to change the answers? Do you
validate the answers to make sure they aren't easy for someone else to
guess?
Creating a web page that does the password reset is quite easy. It
typically boils down to something like:
user.SetPassword(newValue)
It only requires an ID with password reset permissions to perform the
change. Answering all of those other questions is less easy.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
<andy.liwen@xxxxxxxxx> wrote in message
news:1170910113.071661.14100@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Looking for a simple AD password reset function - optimally a web
page. No heavy lifting. Thanks
.
- References:
- Password Reset Self Service
- From: andy . liwen
- Password Reset Self Service
- Prev by Date: Re: Giving domain user access to update AD users contact info.
- Next by Date: Re: Web Based OU Administration?
- Previous by thread: Password Reset Self Service
- Next by thread: Re: Password Reset Self Service
- Index(es):
Relevant Pages
|
