Using Password Management in Oracle Universal Authenticator

Introduction

This tutorial demonstrates how password management features work in Oracle Universal Authenticator.

When a user attempts to login to their device using Oracle Universal Authenticator, a user may need to change or reset their Oracle Access Management password, for example, if they have forgotten their password, or if their password has expired or is about to expire.

Prerequisites

Before starting this tutorial you must have:

  1. A running Oracle Advanced Authentication installation deployed with Oracle Universal Authenticator.
  2. Device authentication configured using one of the following tutorials:
  3. Configured the password forgotten and reset URL’s in Oracle Advanced Authentication. See Password Management.

Note: If the Administrator has not configured the password forgotten and reset URL’s in Oracle Advanced Authentication, then the Forgot Password and Change Password links will not be visible to user when logging in.

Using the Forgot Password Feature

In this example, the user has previously logged into Windows with Oracle Universal Authenticator. On a subsequent login, the user has forgotten their password.

  1. Start your Windows device and select Oracle Universal Authenticator to login:

  2. In the username screen, enter your Oracle Access Management username and click the arrow:

  3. You are prompted to enter your OAM password. As the password is forgotten, click Forgot password:

  4. A browser will start, and you are redirected to the forgotten password URL configured by your Administrator. The pages you will see are organization specific. Enter the required details to resolve the forgotten password.

    The following shows example forgotten password pages:

    Enter username:

    Answer security questions:

    Enter new password:

    Password changed successfully:

  5. Once the password is changed close the browser. You will be directed back to the OAM credentials screen where you will enter your OAM password.

Using Change Password

In this example, the user has previously logged into Windows with Oracle Universal Authenticator. On a subsequent login, the user wants to change their OAM password.

  1. Start your Windows device and select Oracle Universal Authenticator to login:

  2. In the username screen, enter your Oracle Access Management username and click the arrow:

  3. You are prompted to enter your OAM password. Enter the required credentials and click the arrow:

  4. You are prompted to enter the details for the second factor. Here you can click the Change password link to change your password:

  5. After clicking Change Password a browser will start, and you are redirected to the password reset URL configured by your Administrator. The pages you see are organization specific. Enter the required details to reset the password.

    The following shows example password reset pages:

    Enter username:

    Answer security questions:

    Enter new password:

    Password changed successfully:

Password Expires Soon

In this example, the user has previously logged into Windows with Oracle Universal Authenticator. On a subsequent login, the user enters their OAM username and password and receives a message saying their password is due to expire.

  1. Start your Windows device and select Oracle Universal Authenticator to login:

  2. In the username screen, enter your Oracle Access Management username and click the arrow:

  3. You are prompted to enter your OAM password. Enter the required credentials and click the arrow:

  4. A message appears saying your password will expire soon:

  5. You can choose one of two options:

    • Click Cancel if you want to change the password later. If you click Cancel, the existing password will be accepted and you will be directed to enter the details for the second factor. Alternatively you can click the Change password link that is displayed to reset your password:

    • Click OK to change the password straight away.

    If you click OK (or click the Change Password link after clicking Cancel), a browser will start, and you are redirected to the password reset URL configured by your Administrator. The pages you see are organization specific. Enter the required details to reset the password. Example Reset Password pages are shown in Using Change Password.

  6. Once the password is reset, close the browser. You will be directed back to the username screen where you will need to authenticate in the usual way by entering your OAM credentials, and second factor.

Password Has Expired

In this example, the user has previously logged into Windows with Oracle Universal Authenticator. On a subsequent login, the user enters their OAM username and password and receives a message saying their password has expired.

  1. A message appears saying your password has expired:

  2. You can choose one of two options:

    • Click OK to change the password straight away.
    • Click Cancel if you do not want to change the password. Here, you will be be logged in to the device in offline mode. See Offline Login.

    If you click OK, a browser will start, and you are redirected to the password reset URL configured by your Administrator. The page you see is organization specific. Enter the required details to reset the password. Example Reset Password pages are shown in Using Change Password.

    Once the password is reset, close the browser. You will be directed back to the username screen where you will need to authenticate in the usual way by entering your OAM credentials, and second factor.

Learn More

Feedback

To provide feedback on this tutorial, please contact idm_user_assistance_ww_grp@oracle.com

Acknowledgements

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.