Getting Started with IdentityIQ

How you log in to IdentityIQ is based on how your system is configured. The following login options may be available:

• Custom login

• New User Registration

• QuickLinks

• Password Recovery – Account Unlock

Note: Based on your role and individual privileges, and how your system is configured some options in this section could be unavailable.

After you log in to IdentityIQ, the Home page displays. For more information, see IdentityIQ Home Page and Navigation

Note: Do not open multiple tabs or browsers. Opening multiple tabs might overwrite changes made in the other.

New User Registration

Self service registration enables new users to request an IdentityIQ user account the first time they access the product. When this option is enabled, the New User Registration link displays below the Password field on the Welcome screen.

Note: To use this feature, enable self-service registration on the Lifecycle Manager Configuration page.

Note: You can also access the New User Registration page through a direct link that bypasses the login page and simplifies the registration process.

1. Select the New User Registration link to launch the New User Registration page.

2. Fill in the required fields, which include the requested IdentityIQ user name and password.

3. Select Register.

After the request is authorized, you receive an email notification and you can use the name and password submitted to log on to IdentityIQ.

Multi-Factor Authentication

Multi-Factor Authentication (MFA) adds an additional layer of security by requiring you to use multiple methods to authenticate your identity before you can log in to IdentityIQ. When MFA is configured for your system:

1. Log in to IdentityIQ from the default login page and then your MFA provider's login page displays. If your password is expired or you are required to change your password, you must complete the MFA process first.

2. Follow the login prompts for your provider.

3. After you are authenticated, you are logged in to IdentityIQ and the Home page displays.

Note: If you are assigned to multiple providers, you must select a provider from the provider list before you can proceed to the provider's login page.

Password Recovery – Account Unlock

Based on the IdentityIQ configuration, the following options can be available:

• Forgot Password – your password is reset and you are automatically logged in to IdentityIQ

• Account Unlock – your account is unlocked and you can log in

When an Administrator sets up password recovery and account unlock options, the following verification methods are configured:

• Answer Authentication Questions

• Send a Text Message with a Verification Code

Answer Authentication Questions

To use this feature, your administrator must activate this option and you must provide answers to authentication questions in your IdentityIQ User Preferences before this feature is available.

Your administrator can set the following items that determine how the feature works:

• Number of answers you must define in your IdentityIQ User Preferences

• Number of correct answers you must provide to authentication questions

• Maximum number of wrong answers you can enter before IdentityIQ locks you out

• Number of minutes you are locked out

To unlock the account before the lockout time ends, an administrator with the appropriate system capabilities can click Unlock Identity on the Identity Cube Attributes tab.

How to Recover Your Password Using Authentication Questions

If you have not set up and answered the authentication questions and do not know your password, you must contact your help desk or your IdentityIQ administrator to reset your password.

Complete the following steps:

1. Select the Forgot Password? link.

2. Enter your username and click OK.

3. Enter the correct answers to the questions you previously set up and click Done.

   Note: The responses entered on this window are compared to the recorded answers. If you provided the required number of correct answers, IdentityIQ can authenticate you. The authentication process ignores case when comparing the your answers to the stored answers.

4. On the next window, enter your new authentication password in the New Password and Confirm Password boxes and click Change.

The new password must meet the requirements of the password policy that your IdentityIQ administrator set up.

Send a Text Message with a Verification Code

To use this feature, your administrator must activate this option and a mobile telephone number must be configured for your IdentityIQ account. Your mobile phone number must contain a complete number including the area code. This option is configured in Login Configuration.