[keycloak-user] Multiple security Q&As for a user

Stian Thorgersen sthorger at redhat.com
Wed Mar 2 07:29:17 EST 2016


The security questions option you are referring to is only an example on
how you can implement your own. It's not a built-in feature of Keycloak,
nor is it aimed for use as is. It's intended to be simple and focus on
showing how to write a custom authenticator, so with that in mind 1
question makes more sense than 3.

On 1 March 2016 at 05:13, Riddhi Rathod <RRathod at carbonite.com> wrote:

> Hi all,
>
> If security question option is enabled in the login flow, then the user
> has to save answer to it (Default question: “What is your mother’s name?”).
> This question is asked to user in the event of “forget password” for
> additional level of security. However, in the current system, there is
> provision of storing only one security Q&A. I am looking to modify this to
> include the following:
>
> Could this functionality be extended to include 3 security Q&As which is
> popular practice. I modified the keycloak secret-question.ftl to include 2
> more questions. But there is no way to store the additional questions and
> answers extracted from the ui form in the UserCredentialValueModel
> (SecretQuestionRequiredAction.java).
> The security questions are not fixed i.e. a dropdown menu of questions
> will be displayed to users and they will be able to select whichever
> questions they want to.
>
> Does keycloak support storing of multiple security Q&As for a user? Has
> anyone tried this before?
>
>
> Thank you,
> Riddhi Rathod
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160302/055d7944/attachment.html 


More information about the keycloak-user mailing list