Configure reCAPTCHA for Password Recovery¶
The password account recovery feature implemented in the MWARE IAM helps to recover the password of the account in case the user forgets it. This recovery process can also be secured with captcha verification.
By configuring reCAPTCHA, you can mitigate or block brute force attacks.
Info
For more information on setting up password recovery, see Password Recovery Using Email Verification and Password Recovery Using Challenge Question.
For more information on brute force attacks, see Mitigating Brute Force Attacks.
You can either configure the reCAPTCHA for a tenant or configure it globally.
Prerequisites¶
Setting Up reCAPTCHA with MWARE IAM.
Enable password recovery with reCAPTCHA for a specific tenant¶
Follow the instructions given below to configure password recovery with reCAPTCHA for a specific tenant.
-
Start MWARE IAM and log in to the management console as tenant admin.
-
On the Main tab, click Identity Provider > Resident Identity Provider.
-
Expand the Account Management tab, then click on Account Recovery.
-
Select Enable reCaptcha for password recovery.
-
You have now successfully configured reCAPTCHA for the password recovery flow.
Enable password recovery with reCAPTCHA globally¶
Alternatively, follow the instructions given below to configure password recovery with reCAPTCHA globally.
-
Add the following properties to the
deployment.toml
file in theIS_HOME/repository/conf
folder to enable password recovery with reCAPTCHA.Tip
To avoid any configuration issues, perform step-1 before starting the MWARE IAM product instance.
[identity_mgt.password_reset_email] enable_recaptcha=true
-
You have now successfully configured reCAPTCHA for the password recovery flow.
Try it¶
Start MWARE IAM and log in to the My Account (https://<HOST>:<PORT>/myaccount
) application.
Tip
If you have changed the port offset or modified the hostname, change the port or hostname accordingly.
Click Password.
You are redirected to the Recover Password page where the reCAPTCHA is displayed.
Top