/idm/pwdreset unique id validation

Former Member · ‎09-21-2011

Hi,

Is there a way we can validate the user id (unique id) in the password reset guided procedure against the IDM database ?

Right now if i even enter "a" in the unique id space the guided procedure take it and shows up some random questions. we want IDM to validate if the entered unique id is correct and if possible to only allow those id's which have a profile set.

Please let me know how can this be achived.

Thanks

Former Member · ‎10-03-2011

Hi,

Although there is a verification that the user exists, this information is not revealed to the end user for security reasons.

If a non existent ID is entered, random questions are given.

If the password reset would inform whether a user exists or not, you would be more vulnerable to attacks, as the attacker would actually know whether the given ID is legal.

Best regards

John erik Setsaas

/idm/pwdreset unique id validation

Accepted Solutions (0)

Answers (1)

Answers (1)

Can CrestalReports.NET be developed even if the DB...

How-to-guide for SAP GUI Scripting

Re: applying conditional formatting to the hierarc...

Re: How to quantify memory usage of an ABAP instan...

Re: How to quantify memory usage of an ABAP instan...