Password reset and account recovery
After you upgrade to Identity Engine, learn about the changes to password reset and account recovery.
|Change summary||Password reset and account recovery is now called self-service account recovery. A single authenticator enrollment works for both recovery and authentication, and any enrolled authenticator provides additional verification.|
|Admin experience||If a password policy doesn’t allow password changes, you can't enable password resets.
Be sure that you enable the Okta Verify, Phone, Email, and Security Question authenticators if you want to make them available in the password policy. Enable the Push feature in Okta Verify to enable it as a recovery option.
If you decide to disable an authenticator later, you must disable it from the password policy first.
|User experience||These enhancements secure and simplify the enrollment process for users:
|Related topics||Configure the Email authenticator
Configure the Okta Verify authenticator
Configure the Password authenticator
Configure the Phone authenticator
Configure the Security Question authenticator