I am trying to empower end users to re-enroll self recovery so that they can change the challenge questions any time. I have enabled the option in ePO "Allow users to re-enroll self recovery information at PBA". I am able to see this option enabled in the PBA window only once. I am not able to do it more than once.
1: Is it normal that I will be able to re-enroll self recovery only once ?
2: If Yes, how do a user reset his challenge questions later point in time without the help of ePO administrator ?
Thnaks for clarifying.
Can you explain me what is the use of the below option is ePO ?
"Allow users to re-enroll self recovery'
This option in the EE PC Policy will allow users to change answers to self-recovery questions once they authentication in PBA.
It's kind of tricky though if you don't ask for username but just for the password.
Once you set this option in ePO and distribute the policy, reboot one of your systems to PBA.
In PBA, when prompted for a user name there should be checkbox "Re-Enroll Self Recovery". If you are not prompted for the user but only for the password, click on "Change User" to get the username prompt.
Once you check this checkbox and complete the authentication process (provide username and password) you will be prompted to modify the self-recovery data.