Help Document

How ADSelfService Plus verifies your identity?

Enrollment is a one-time process where users enter their mobile numbers and email addresses, answer security questions, or provide other details in ADSelfService Plus to register for self-service password management.

ADSelfService Plus verifies your identity using the information you provide during the enrollment process. Here is a list of authentication techniques, available in ADSelfService Plus.

  • Security questions and answers: In this method of authentication, you will be required to provide valid answers to the displayed security questions to verify your identity. Click here for the complete enrollment steps.
  • Email Verification: In this method of authentication, verify your identity by entering code sent email by ADSelfService Plus. Click here for the complete enrollment steps.
  • Mobile Verification: In this method of authentication, verify your identity by entering code sent via SMS by ADSelfService Plus. Click here for the complete enrollment steps.
  • Google Authenticator: Using Google Authenticator app , when you try to reset your password / unlock your account or while performing logon, you can use the 6-digit security code generated by the Google Authenticator app to verify your identity. Click here for the complete enrollment steps.
  • Microsoft Authenticator: Using Microsoft Authenticator app , when you try to reset your password / unlock your account or while performing logon, you can use the 6-digit security code generated by the Microsoft Authenticator app to verify your identity. Click here for the complete enrollment steps.
  • Azure AD MFA: In this method of authentication, you will be required to authenticate your identity using any of the following Azure AD MFA methods configured by your organization:
    • Verification code via Microsoft Authenticator, hardware token, or SMS.
    • Push notification via Microsoft Authenticator.
    • Authentication phone call.
    Click here for the complete enrollment steps.
  • Yubikey Authenticator: You must authenticate your identity with a valid one-time-passcode (OTP) generated by the Yubikey Authenticator. Click here for the detailed steps.
  • DUO Security: If authentication using DUO Security is enforced, you will be required to authenticate your identity using the DUO push, call, or code before you can perform the requested self-service action. Click here for the complete enrollment steps.
  • RSA SecurID: If authentication using RSA SecurID is enforced, you will be required to authenticate your identity using a hardware token before you can perform the requested self-service action. Click here for the complete enrollment steps.
  • RADIUS Authentication: If this method of authentication is enforced, you will be required to authenticate your identity using your RADIUS password, and secondary authentication, if configured by your administrator, before you can perform the requested self-service action. Click here for the complete enrollment steps.
  • SAML Authentication: If this method of authentication is enforced, you will be required to authenticate your identity by logging in to your identity provider before you can perform the requested self-service action. Click here for the complete enrollment steps.
  • AD Security Questions: When this MFA technique is enabled, you will be required to enter a valid answer to the AD Security question posed before you can perform the requested self-service actions. The AD Security Questions, set by your administrator, will mostly be about your profile information like your mobile number or a secret answer. Your administrator will provide you with the secret answer. Click here for the complete enrollment steps.
  • Push Notification Authentication: In this method, you will be required to authenticate your identity using the push authentication approval in the ADSelfService Plus mobile app. Click here for the complete enrollment steps.
  • Fingerprint Authentication: In this method, you will be required to authenticate your identity by verifying fingerprint through ADSelfService Plus mobile app. Click here for the complete enrollment steps.
  • QR Code Authentication: In this method, you will be required to authenticate your identity by scanning QR code generated visible in the browser by ADSelfService Plus mobile app. Click here for the complete enrollment steps.
  • TOTP Authentication: In this method, you will be required to authenticate your identity using time-based one-time passcode (TOTP) generated by ADSelfService Plus mobile app. Click here for the complete enrollment steps.
  • Zoho OneAuth TOTP Authentication: Using Zoho OneAuth app , when you try to reset your password / unlock your account or while performing logon, you can use the 6-digit security code generated by the Zoho OneAuth app to verify your identity. Click here for the complete enrollment steps.