Without security questions activated, users will be asked for their date of birth to validate their login credentials. Security questions give more choices by allowing users to choose from a variety of questions and specify answers that they are not likely to forget. Security questions are used when users try to recover forgotten passwords.
In this document, we cover how controllers can enable security questions for their organisation and how users can use it.
Choosing security questions and answers – (General Users)
It is mandatory to answer at least ONE question. Answering two or three questions is recommended.
Editing my security questions and answers – (General users)
Users who can login into the system can amend their security questions by clicking on theat the top-right of the screen followed by the item.
Enabling security questions for my organisation – (Controllers only)
A controller can enable security questions in> .
If the option is disabled as above, click “Disable” to enable security questions.
Resetting forgotten security answers – (Controllers only)
Users who can not login because they have forgotten answers to their security question can ask their controllers to reset security questions for them. After a reset by the controller, users can setup security questions afresh.
Controllers can reset security questions in>
The option to reset security questions is available only if security questions are enabled in your organisation. Click on thebutton against the user’s name and reset their questions.
If a user forgets both password and security questions – (Users and Controllers)
Users who can not login because they have forgotten both their password and the answer to their security question can ask their controllers to perform a reset for them.
Controllers should navigate to>
From there, find the correct user and click on thebutton.
- First click the item.
- Then click agains and select the item.
Note – These have to be activated at the same time and in that order.
The user will then be able to specify new login and security details after following the time-limited reset link which will be emailed to them.
If a controller locks themselves out – (Controllers Only)
Even controllers are human! If a controller finds they can not login because they have forgotten both their password and/or the answer to their security question can ask another of the controllers in their organisation to perform a reset for them (see above for details). An email with time-limited reset link will be emailed to them as with any user-lockout.
However, if no other controllers are available, or there is only controller registered on the Toolkit, this is a more complicated procedure and will require additional support from the Myhrtoolkit support team.
Please visit the myhrtoolkit support page for contact options.