Step 10: Configuring the Forgot Password Utility

To configure the Forgot Password Utility:

  1. Store email addresses in the PSOPRDEFN.EMAILID and PSUSEREMAIL.EMAILID records where PRIMARY_EMAIL = ‘Y’.

    The New User Registration Forgot Password utility leverages the PeopleTools security function for forgotten passwords. This function uses the PeopleTools Workflow and requires users to have an email address stored in their user profile (General tab, Edit Email Address link).

    To take advantage of the Forgot Password utility, you can require users that are created through the SCC_USERREG_CREATEACCT service operation to enter an email address. For example, guests who create their own account using the New User Registration login page. To require users to enter an email address, select this option in the New User Registration Installation page. The email address users enter at account creation time is automatically stored in the newly created user profile. The email address is used to populate the records PSOPRDEFN.EMAILID and PSUSEREMAIL.EMAILID with an email type (EMAILTYPE field), and the PRIMARY_EMAIL field must be selected.

    See:

  2. Create the URL you include in the forgotten password email text.

    When you use the Forgot Password utility, the user receives an email message that contains the newly generated password. In the email message, it is recommended that you include a URL to access the New User Registration login page. Use the URL to force users to reset the temporary password they received. After users log in with their temporary password, they should be automatically redirected to the Change Password page. The URL you use must be embedded with the New User Registration context ID that grants the newly authenticated user the security to access and immediate transfer to the Change Password page. Your system includes a New User Registration Context ID sample: SCC_NURCTXT_20130211110717 - NUR_CHANGE_PASSWORD. Make sure the generic URL you use has been configured using the New User Registration Installation page.

    See:

  3. Create password hint questions.

    To use the Forgot Password utility, users need to answer a security question or password hint question. To create password hint questions, go to PeopleTools, and then Security, and then Password Configuration, and then Forgot Password Hint.

    See PeopleTools: Security Administration, “Creating Hints for Forgot Passwords.”

  4. Set up the Forgot Password email text.

    When the user initiates the Forgot Password utility and successfully answers the security question, an email message is sent to the email address that is stored in the user's profile. It includes a newly generated password. You can configure the email message text by going to PeopleTools, and then Security, and then Password Configuration, and then Forgot Password Email text.

    The email text must include the <<%PASSWORD>> tag. PeopleTools replaces the tag with the newly generated password. To facilitate user experience, it is recommended that you also include a URL that transfers the user automatically to the New User Registration sample login page (or your own version of this page). This is the URL you create in step 2. This forces the user to immediately change the newly received password. The PeopleTools email text editor allows you to easily paste a URL. You can use the URL you marked as Active in the New User Registration context ID in your system (SCC_NURCTXT_20130211110717 - NUR_CHANGE_PASSWORD).

    This is an example of an email text:

    You are receiving this auto-generated email message because you requested your Campus Solutions password to be reset. Use the following temporary password: <<%PASSWORD>>. Click this link or copy the below URL to access the system with your newly generated password. You will be requested to change the temporary password immediately.” https://yourKioskServer.yourKioskDomain.com/psc/ps/EMPLOYEE/HRMS/c/SCC_NUR.SCC_NUR_REG.GBL=start?CAMPUS_URL=https%3a%2f%2fyourCSServer.yourCSDomain.com%2fpsc%2fps%2fEMPLOYEE%2fHRMS%2fs%2fWEBLIB_SCC_NUR.SCC_SS_GATEKEEPER.FieldFormula.IScript_SCC_GateKeeper%3fSCC_APPL_CONTXT_ID%3dSCC_NURCTXT_20130211110717

    See PeopleTools: Security Administration, “Working with Passwords.”

  5. Grant all your users access to a self-service page where they can respond to a security question.

    Delivered with your system with the generic PeopleTools security a self-service user can answer is a security question under Home page, My System Profile. In the General Profile Information page (USER_SELF_SERVICE), by clicking the link Change or set up forgotten password help, the user can select a question and enter a response. This page is delivered with your system and security needs to be granted to all of your users. Alternatively, a simpler self-service version of this page could be created.

  6. Configure the Forget My Password page.

    This is a delivered custom version of the Tools page EMAIL_PSWD as public.

    See PeopleTools: Security Administration, “Working with User Profiles Across Multiple PeopleSoft Databases, Implementing Default User Profile Synchronization.”

  7. Make sure you grant all your users access to a permission list set up with Allow Password to be Emailed and Forgot My Password.

    See Step 1: Initial Setup for New User Registration.

  8. Set up the New User Registration context ID for the Change My Password page, or use the SCC_NURCTXT_20130211110717 - NUR_CHANGE_PASSWORD context ID.

  9. Set the PeopleTools Workflow to activate email.

    The New User Registration Forgot Password utility leverages the PeopleTools send password functionality. Because this functionality uses the PeopleTools Workflow, the following setup is required:

    1. Go to PeopleTools, and then Workflow, and then Defaults & Messages, and then Set Workflow Defaults.

    2. In the Worklist System Defaults page, and then System Wide Route Processing make sure the Worklists Active and the Email Active check boxes are selected.

    3. Reboot the application server for the changes to take effect.