Security question - policy parameters
This table lists the policy parameters specific to security questions.
In addition to the policy parameters defined in this table, the policy parameter defined in [the table] is also valid for security question credentials.
| Name | Data Type, Values | Default | Description |
|---|---|---|---|
| maxAnswers | Data type: int | 3 | Maximum number of questions a user may select and answer. |
| maxAnswerDeviation | Data type: int | 20 | Maximum allowed deviation when validating, relative to length of answer. |
| maxAnswerFailureCount | Data type: int | 3 | Maximum number of subsequent failed authentications after which the provisioned answer may not be used again for any use case. |
| maxAnswerRevealCount | Data type: int | 3 | Maximum number of reveals after which the provisioned answer may not be used again for any use case. A "reveal" denotes the process of showing the plain content of a user's answer to an admin, either by means of web GUI or web service. E.g., a user calls the Helpdesk by telephone, and the Helpdesk reveals the answer to compare it to the oral statement of the user. |
| maxAnswerSuccessCount | Data type: int | 3 | Maximum number of authentications after which the provisioned answer may not be used again for any use case. |
| minAnswers | Data type: int | 1 | Minimum number of questions a user has to select and answer. |
| restrictModifyToOwner | Data type: boolean | true | If set to true, only the user/owner of security question is allowed to add or modify answers. Deletion is still allowed for anybody who has permission to delete the credential. |