<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00005vTpxoSACOkta Classic EngineAdministrationAnswered2025-07-23T09:00:14.000Z2019-01-31T15:12:37.000Z2020-08-31T13:03:38.000Z

  • GabrielL.85945 (Customer)

    Hello Solomon,

     

    There are two security questions in Okta. There is a security question used with MFA, and there is a separate security question for self-service recovery, which includes password resets. Resetting the security question for MFA will not reset the security question for self-service recovery.

     

    There is no option for an admin to reset the security question for self-service recovery. If the user has forgotten the answer to their security question, they will need to contact an Okta admin to have the password reset. You can reset the password by pulling up the user's profile in the Okta admin console and click the "Reset Password" button.

     

    Once the user is able to login again, instruct the user to go to their Okta dashboard, navigate to the Settings page, and then there will be a "Forgot Password Question" box where they can change their security question/answer.

    Expand Post
    Selected as Best

  • VanH.30758 (Lytx, Inc.)

    If this is the security question for multi-factor authentication, within the user profile in OKTA, there is a "Reset Multifactor" button next to "More actions" drown down.

  • GabrielL.85945 (Customer)

    Hello Solomon,

     

    There are two security questions in Okta. There is a security question used with MFA, and there is a separate security question for self-service recovery, which includes password resets. Resetting the security question for MFA will not reset the security question for self-service recovery.

     

    There is no option for an admin to reset the security question for self-service recovery. If the user has forgotten the answer to their security question, they will need to contact an Okta admin to have the password reset. You can reset the password by pulling up the user's profile in the Okta admin console and click the "Reset Password" button.

     

    Once the user is able to login again, instruct the user to go to their Okta dashboard, navigate to the Settings page, and then there will be a "Forgot Password Question" box where they can change their security question/answer.

    Expand Post
    Selected as Best

  • miq6n (miq6n)

    Will that ever change? In other words, will Okta admins be able to reset both MFA factors and Forgotten Password factors?

  • qcbvx (qcbvx)

    This needs to be fixed. Please allow Okta admins to reset this.

  • ErnieS.57466 (LifeScan / Data Blue)

    Is there any plans to update this in the future? This seems like a very important feature for admins?

  • dt8un (dt8un)

    i have forgotten the answer to my security question, how do i find it and recover my login ID. I am currently unable to access my okta account.

  • uh5u3 (uh5u3)

    using okta API you can change recovery question and answer.

    {{url}}/api/v1/users/{{userId}}/credentials/change_recovery_question

     

    download postman and okta collection for postman called "Users". you will find within an api end-point called "Credentials operations" which will allow you to manipulate user's security question in the post request body:

     

    {

     "password": { "value": "{{password}}" }, 

      "recovery_question": {

       "question" : "What happens when I update my question",

       "answer": "My recovery credentials are updated" 

      } 

    }

    Expand Post

    • v1r0d (v1r0d)

      this need the current password of the user, in some cases, users may forget it, and also it's not secure to share password.

  • JakeR.76588 (Customer)

    Hi all, Just solved this. Go into the admin dashboard, directory, and to their profile. Instead of sending them a reset password link you need to create a temporary password. Provide this to the user (encrypt the email of course if sending it) and when they login they will be challenged to create a new password and then to provide their 2-F key (if enabled for your org). Then they'll be signed in and be able to go into their account settings and change the blasted question.

    Expand Post

  • RyanS.58278 (Customer)

    I'd like to add something to Gabriel's answer.

     

    If When an admin resets the user's password via the "Reset Password" button, if the admin selects "Reset Password Link" the user will still be prompted to answer their password recovery question after clicking the link.

     

    To reset the user's password without needing the answer to the password recovery question, the admin must click "Temporary Password" after selecting the "Reset Password" button. After supplying the user with the temporary password in some secure fashion, the user can use it to login one time and create a new password. Once the user is able to log in, they can go to their profile and update their password recovery question.

     

    Hope this helps.

    Expand Post
This question is closed.
Loading
how to reset a user's security question