In case security questions are selected, user who tries to reset the password will have to answer some questions. And if the web part identifies this user’s answers as correct ones, the password will be changed online.
If you want to use this option for password reset, select “Use security questions”.
Then define administrative options: enter domain name, user principal name and password. This data is applied for user who will have rights for password reset (web part administrator).
In this field you can apply a password policy to users form an organizational unit and allow chosen groups to reset passwords.
Then check required boxes:
Unlock Account Automatically – system can unlock locked user (according to security settings);
Enable Account Automatically – disabled account can be enabled again for authentication (according to security settings);
User must change password at next logon – user will have to change new password again when logging to the system next time;
Check for valid user E-mail – the system will check if the entered email address is the same as email address defined for Active Directory.
Now define security questions (from 1 to 3) and point corresponding Active Directory fields that contain answer information. The system will define if user’s answers match the values of corresponding Active Directory fields.
Now click “OK” to save the settings and return to the web part. Or click “Apply” to save the settings and continue adjustment (in this case the settings block will stay opened).