Authenticating to Enterprise Access Management via Security Questions (Q&A)
When logging in to Enterprise Access Management or unlocking a workstation, users who forget or lose an ID token, smart card, or other authentication factor, can authenticate by answering their security questions (emergency access). To authenticate with emergency access, click Menu > Show more auth methods on the desktop login screen.
NOTE: If the legacy login experience is enabled in the computer policy (Customization tab > Login experience – Windows section > Legacy experience), click Forgot password to use emergency access.
Emergency access:
-
Must be enabled in the user policy (Authentication tab > Desktop Access section > Answer security questions).
-
Is only available when the Imprivata agent is online.
You can set different security questions with different settings for different user policies. When you create a new user policy with emergency access privileges, the new policy uses the settings in the default policy as a starting point. See Configuring Authentication Methods in User Policies.
Imprivata Self-Service and Password Reset
The Imprivata Enterprise Access Management self-service web application lets users securely identify themselves and reset their primary password if they have forgotten their primary password or lost an authentication device.
See Imprivata Self-Service Password Reset.
NOTE: The account lockout settings of the user policy (Authentication tab > Lockout section) control the lockout behavior for both self-service password reset and authentication through security questions (emergency access). If the policy is configured with both features, verify that the lockout settings meet your needs for both emergency access and self-service password reset.
