Contact us

Using Security Questions for Password Resetting

Situation:#

User forgets the password. How to reset the password with an answer to a security question? How this answer is defined?

Solution:#

User defines an answer to a security question when he fills out a special field. Information from this field will be verified and if the answer is correct, password will be reset.

How to implement:#

Two web parts are installed on a SharePoint site – Virto Active Directory Self User Serviceand Virto Password Reset and Recovery Web Part.

The first web part allows user to set an answer to a security question (value of the special field), the second web part enables to reset the password when user forgets it.

The following actions must be done:

  1. Virto Active Directory Self User Service installing.
  2. Adding special field which will contain answer to a security question.
  3. Virto Password Reset and Recovery Web Part installing.
  4. Selecting field (created in 3) in the Password Reset and Recovery Web Part settings for security question answer.

Detailed Instruction:#

For SharePoint site administrator

Install Virto Active Directory User Service. Then go to “Site Actions – Site Settings”. Follow the link “Virto Active Directory Service Settings”.

Virto Active Directory Service Settings link in SharePoint Site Settings

Click “Manage Fields” and use “Add Field” to add new field to the list.

Manage Fields view in Virto Active Directory Self User Service with the Add Field option

Add Field form for creating a new field in Virto Active Directory Self User Service

Enter required data and pay attention to the field “AD Name” (corresponding field from Active Directory).

New field details with the AD Name mapped to the corresponding Active Directory field

Click “OK”.

Newly added security answer field shown in the Manage Fields list after clicking OK

The field will appear in the Active Directory Self User Service Web Part.

New security answer field displayed in the Virto Active Directory Self User Service web part

Go to the site where Virto Password Reset and Recovery Web Part is installed. Use “Edit Web Part”.

Adjust web part for security question (see User Guide). Define the field (created with the Active Directory User Service) as a field with an answer to security question.

Virto Password Reset web part settings with the field selected as the security question answer

Click “OK”.

For user

Go to SharePoint site where the Active Directory User Service is installed. Fill out the field “Secure Answer (Pet’s Name)”. Click “Save”.

User filling out the Secure Answer (Pet’s Name) field and clicking Save in the Self User Service

When user forgets his password

Go to the site with anonymous access (contact your administrator).

Password Reset web part on the anonymous-access site prompting for the security question answer

Enter answer to the security question. Click “Submit”. If the answer is incorrect, a message will appear.

Error message shown when the answer to the security question is entered incorrectly

When the answer is correct, password will be displayed and sent by e-mail.

Reset password displayed after a correct security question answer, also sent by email

Updated on June 17, 2026