Security Questions
Customize your Security Questions from the Descope console (Settings > Authentication Methods > Security Questions).
Descope Security Questions let you verify an already authenticated user by having them answer one or more questions with answers known only to the user. It is designed to be used post-authentication and with other authentication methods to allow for a more secure password reset and step-up functionality.
Security Questions Settings
Questions
The default setup includes five security questions, which you can customize by modifying, removing, or adding your own.
All Settings
| Setting | Details | Range[default] |
|---|---|---|
| Enable method in API and SDK | This toggle switch enables or disables the authentication method from being available for use within API and SDK | Enabled/[Disabled] |
| Questions List | Add or remove questions from this list to make them available to user during setup | 2-50 [5] |
| Require at least x questions from the end user upon setup | The number of questions the user must answer during setup. During verification one is chosen at random | 1-50 [1] |
| Lock account after x attempts | When a user answers questions incorrectly more than x times, the user will be locked and unable to log in again. | Checked/[Unchecked] 2-10 [5] |
| Temporary lock after x attempts, for y minutes | When a user answers questions incorrectly more than x times, the user will be temporarily locked and unable to log in for y minutes. After y minutes the user will be able to log in again. | Checked/[Unchecked] 1-10 [3] 1-1440 [5] minutes |
Was this helpful?