As part of ongoing efforts to improve system security and user account management, FIA Tech will be introducing Security Questions for user accounts. As of Sprint 173 on November 9th, 2020, users will be presented with a series of questions when first logging in, to be used for user verification when requesting a password reset or email address change. Responses to these questions will be optional when first introduced, however as of November 23rd, users must choose questions, and provide responses in order to access the application.
Choosing and Responding to Security Questions
Users will be presented with a dropdown list of potential questions, out of which 5 must be selected and answered. Users will need to both supply and confirm their response in the respective fields below the chosen question.
Upon selecting "Save", responses and questions are validated, identifying discrepancies between responses, or missing questions that will need to be addressed prior to submitting.
Once saved, the following message will be presented, and you will be able to continue to access applications:
- Confirmation Answers are case-sensitive, and must be answered in the same case as supplied when initially entered
- All answers must be different
- Must contain a minimum of 3 characters
- Must NOT contain the User Account Name
- Must NOT contain registered email address
Bypassing Security Question - Available until Nov. 23rd
Users who opt to delay supplying answers to the questions may do so by simply selecting their desired application from the top banner of the application, highlighted below.
Updating Security Questions
Within the UserHub, users may update their Security Questions by going to Actions> Change Security Questions:
This will trigger an authorization message to a user's registered email address, which will need to be entered prior to updating Security Questions.
Security Question Challenges - Email Address Update
Within UserHub, users will be able to update their email address by going to Actions> Change Email Address:
This change will prompt two of a user's five security questions to be displayed, which must be answered before changing the address. A user may select "Change Questions" to have two different questions presented for answering.
Security Question Challenges - Forgot Your Password
Users who have forgotten their password may use the "Forgot your password?" link on the main login page, which will send an email to the user's registered address, with a link to reset.
After selecting the link, the user will be presented with two of their security questions, which will need to be answered prior to creating a new password.
Security Question Challenges - Password Update
Users may also update their profile password through UserHub, via Actions> Change Password, which will then present two Security Questions, which must be answered prior to updating the password.