This article will provide the factors that can be used to start the self-service password reset flow for end-users. 

• Self-Service Password Reset
• Okta Identity Engine

In Okta Identity Engine, the following factors can be used to perform a self-service password reset:

1. SMS (text message): A one-time code can be sent to the phone number associated with the Okta account to reset the password.
2. Voice Call: Send users who have forgotten their password a voice call with an audible password reset code.
3. Email: Send users who have forgotten their password an email with a password reset code. 
4. Okta Verify Push: Send a push notification to end users who forgot their password.
5. Google Authenticator: Allow end users to type in their TOTP in order to initiate the password recovery flow.

The additional verification can be set as one of the following options:

1. Not Required: After the user initiates the recovery flow and verifies their identity with one of the above factors, they are not prompted for any other factors and are allowed to reset their password.
2. Any enrolled authenticator used for MFA/SSO: End users are prompted for any other enrolled factor after initiating the password recovery flow, and then the user is allowed to reset their password.
3. Only Security Question: The user is prompted for their security question after initiating the flow, and then the user is allowed to reset their password.