Security question - policy parameters
This table lists the policy parameters specific to security questions.
In addition to the policy parameters defined in this table, the policy parameter defined in the table in the chapter All credential types is also valid for security question credentials.
Name | Data Type, Values | Default | Description |
---|---|---|---|
maxAnswers | Data type: int | 3 | Maximum number of questions a user may select and answer. |
maxAnswerDeviation | Data type: int | 20 | Maximum allowed deviation when validating, relative to length of answer. |
maxAnswerFailureCount | Data type: int | 3 | Maximum number of subsequent failed authentications after which the provisioned answer may not be used again for any use case. |
maxAnswerRevealCount | Data type: int | 3 | Maximum number of reveals after which the provisioned answer may not be used again for any use case. A "reveal" denotes the process of showing the plain content of a user's answer to an admin, either by means of web GUI or web service. E.g., a user calls the Helpdesk by telephone, and the Helpdesk reveals the answer to compare it to the oral statement of the user. |
maxAnswerSuccessCount | Data type: int | 3 | Maximum number of authentications after which the provisioned answer may not be used again for any use case. |
minAnswers | Data type: int | 1 | Minimum number of questions a user has to select and answer. |
restrictModifyToOwner | Data type: boolean | true | If set to true, only the user/owner of security question is allowed to add or modify answers. Deletion is still allowed for anybody who has permission to delete the credential. |