Enabling MFA for password reset and account unlock

The MFA for Reset/Unlock tab allows you to configure the authentication methods to be used to verify users’ identities during self-service password reset and account unlock, Before you begin, ensure you have enabled the required authentication methods. Click here to see the supported authentication methods.

  1. Go to Configuration → Self-Service → Multi-Factor Authentication → MFA for Reset/Unlock.
  2. Select a policy from the Choose the Policy drop-down. This will determine which authentication methods are enabled for which sets of users.
  3. Note: ADSelfService Plus allows you to create OU and group-based policies. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy. Click Select OUs/Groups, and make the selection based on your requirements. You need to select at least one self-service feature. Finally, click Save Policy.
  4. In the MFA for Password Reset/Account Unlock section, enter the number of authentication methods to be enforced, and select the authentication methods to be used.
  5. Click on the asterisk (*) symbol next to the authentication method to set it as mandatory. You can also reorder the authenticators too.
  6. Click Save Settings.

You can further configure the idle time limit, trusted device, and other relevant settings in the Advanced Settings tab.


Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.


Need technical assistance?

  • Enter your email ID
  • Talk to experts
    By clicking 'Talk to experts', you agree to processing of personal data according to the Privacy Policy.

Copyright © 2022, ZOHO Corp. All Rights Reserved.