JordanJ.26599 (Customer) asked a question.
Hello,
My organization just purchased Okta primarily as a replacement for our previous SSO vendor but I am exploring solutions for users who forget their password and require a reset. Currently, if a user forgets their password, they contact our Help Desk who verifies the user through their security questions (Courion), then changes their password via Active Directory. By not exposing this ability externally, we stop it from being exploited outside of our network.
Essentially we want to keep doing what we are doing but instead use Okta for security questions and make sure the end-user is not able to do this themselves. It may sound archaic but unfortunately this is the orders I have been given... for now.
TIA!
Hi Jordan,
Okta can indeed provide functionality for password changes, its options are based on the Password Policies, in this case for Active Directory with Delegated Authentication, you will see an Active Directory Password Policy enabled and options available via its Rules.
https://support.okta.com/help/s/article/Creating-a-Password-Policy
https://help.okta.com/en/prod/Content/Topics/Security/Security_Policies.htm
You certainly need to explore the current options for password change and self-service password resets as they may help you with an easier load for the Help Desk team.
It will depend on the extent you wish to work via Okta for Password related activity.
If there is anything you run into and need any help with, our Support Department will gladly help out.
Best Regards,