In the DualShield Platform, there is a dedicated service portal for resetting passwords, DualShield Reset Password (DRP) portal.
Set up Reset Password Portal
Set up Logon Procedure
Logon Procedure defines how users will be authenticated when they attempt to login to the portal. You can define a logon procedure of 1-step, 2-step and 3-step verification, for instance.
In the Admin Console, select "Logon Procedures"
There is a pre-defined logon procedure named "Reset Password Service".
To change its logon steps, click its context menu, select "Logon Steps"
You can define the logon steps according to your own requirements. Obviously, you do not want to include Static Password in the logon procedure.
For resetting passwords, Authorisation Code and Security Questions are commonly used to verify users. You can include either or both of them depending on the level of security that you wish to acheive.
Set up Application
In the Admin Console, select "Applications"
There is a pre-defined application named "Reset Password Service"
Normally, you do not have to make changes to the default setup.
Set up Realm
Realm is a group of user domains. It defines who is allowed to access the application that's associated with the realm.
In the Admin Console, select "Realm"
There is a pre-define realm named "Deployment Service"
You must change the domains that are to be included in this realm, e.g. deepnetmfa.com
The URI of the DualShield Reset Password portal is:
https://your-dualshield-fqdn:8076/drp
If you want to allow users to access DRP from the public network then you must set up port forwarding on your firewall.
User Experience
Users will be prompted to enter their username first
Then, users will be prompted to authenticate themselves.
How the users will be authenticated depends on how the logon procedure is defined for DRP.
Typically, authorization codes are used to verify users:
Security Questions are also commonly used to verify users:
Once the user has been successfully verified, they will be allowed to reset their password.
