Tracker.Net has the optional capability to prompt the user for security questions and to use these security questions to allow the user to reset his or her password. This would normally be used instead of the allowing the users to enter their email address and have their username and password sent to them.
To set up security questions, go to the Other Settings tab of Global Settings screen and check Use Security Questions. Set the Number of Security Questions (1 - 5) as well as the Security Questions Lockout Tries. If the user answers the questions incorrectly this number of times, he or she is locked out of the system for the Minutes that Students are Locked Out for Incorrect Security Questions. After that time, their tries reset and they can try again. These settings are shown below.
The security questions are organized into bands that correspond to the question number. By default, there are four questions per band, meaning that the user will have the choice of four security questions to choose from. If you are using fewer than five security questions and want to increase the number of choices, you can edit the Tracker_SecurityQuestions table in the database to associate the questions with different bands. You can also add more security questions. The SecurityQuestionKey column has a relationship to the Tracker_LanguageConstants table, meaning that you need to add the questions to that table and then enter the corresponding LanguageConstantKey into the SecurityQuestionKey column. The Tracker_SecurityQuestions table is shown below.
To edit the text of the questions, use Language Strings screen. We recommend searching by "securityQuestion_" (via the LanguageConstantKey column if using the Filter Box) as shown below.
Once this is configured, the users will see the Forgot Password link as shown below. Note that this text can also be edited on the Language Strings screen.
The user will be prompted to enter his or her username before clicking the Forgot Password link. After clicking the link, they see this screen that asks them to enter their answers.
If the user successfully answers the security questions, he or she will go to a new page to select security questions and enter a new password. This is the same screen a user sees if his or her password expires.
See Also