Recent Changes - Search:

Categories

Authentication Methods-E-Mail

Authentication Methods - E-Mail

Tags: Authentication Methods

Problem Definition

You have an installation of PortalGuard and are interested in using e-mail as a method of authentication.


Solution

Disable Enrollment - Completely prevents users from enrolling in this type of authentication method.

Optional Enrollment - May remind unenrolled users to enroll during each login, but does not force them to.

  • Optional Enrollment Reminders - Three options for reminding unenrolled users:
    • 1. Always - Always prompt the user until they actually enroll
    • 2. Suppressible - Allows users to suppress the enrollment reminder by checking a box on the logon screen
    • 3. Never - Never prompts the user to enroll regardless of their enrollment status

Force Enrollment - Forces users to enroll in this type of self-service before allowing them to login

Maximum Enrollment Deferments - The maximum number of times users can defer/skip enrollment before being forced. Set to 0 to disable this functionality and force users to enroll during their next login.

Prohibited Email Domains - Optional comma-separated list of email domains which should not be allowed to register. Typically organizational email account domains that the user would be unable to reach if they forgot their password, e.g.: acme.com,acme.co.uk

Confirmation Display of Email Address - Optionally display the email address to which the OTP was sent as confirmation. For security purposes, the username portion can be obscured or display can be completely prevented.

  • Do not display email address
  • Obscured – Partially hidden digits
  • Display full email address

Auto-Populate Email Address - Synchronizes the alternate email address with the user's primary email address from the user repository. NOTE: No errors will be thrown if the primary email address is blank

Require Periodic Email Confirmation By End-User - This setting will prompt the user to enter an OTP sent to their email address every 'X' days. This feature is enforced during login to PortalGuard and can be used to ensure the user still has access to their email address. This confirmation can be either optional or required. If the user cancels an optional confirmation, they will be prompted again in the configured number of days. When marked as required, the user cannot login through PortalGuard until they have confirmed their email address.

Prevent Modification of Email Address By End-User - Locks the alternate email address value and prevents its modification through PortalGuard's self-service features. This option should only be enabled if the email address is being automatically populated.

Push Email Address Updates To Repository - When the user changes their email address through the PortalGuard Account Management page, the new address will be written to their user repository account. For LDAP repositories, this setting requires the 'Generic User' account to have write access to the repository.

Page last modified on March 14, 2016, at 02:38 PM