Challenge Sets are a feature of Password Policies that can help you set up Forgotten Password self-service for your users. A Challenge Set is a set of questions that can be answered by a user to prove his or her identity, instead of using a password.
When you create a Password Policy, you can enable Forgotten Password self-service so that users can get help without calling the help desk. To make self-service more secure, you can create a Challenge Set and specify that users must answer the Challenge Set questions before obtaining forgotten password help.
You can create a Challenge Set when you are creating a Password Policy. In iManager, go to Password Management > Manage Password Policies > New.
You can also manage them as a separate task. In iManager, go to Password Management > Manage Challenge Sets.
Before a user can use Challenge Sets, he or she must set up the questions and answers. You can require that users set them up the next time they log in to iManager or the iManager self-service console using an option in the Password Policy on the Forgotten Password tab. The option is named "Force user to configure Challenge Questions and/or Hint upon authentication." A user can initiate this setup or change it in the iManager self-service console.
You define the structure of the Challenge Set questions. A user's responses and user-defined questions are stored in Novell eDirectory by Novell Modular Authentication Services (NMAS).