Dear IVIA team,

We have implemented password-based  authentication in IBM Verify Identity Access, however we have an additional requirement to implement pin (numeric code, ex: 1073) based authentication as well. Users can select either password based or pin-based authentication mechanism (first factor authc) to access protected backend web application.

As user passwords will be stored in IBM Security Verify Directory's userPassword field, so we can't use the same attribute to store pin, so we might need to add additional custom attribute to store pin and hash it. We have also requirement to implement account lockout (3 invalid attempts), reset pin, and change pin functionality. If anyone implemented pin-based authentication (first factor), please guide us steps, provide reference, docs, link would be appreciated. Thanks for your support.

Regards

SK

Hi

Infomap Authentication is one of the best place to do.

i have see and implemented as well where you can write your own infomap which has logic to store , retrieve , validate pin against pin.

major work was done around JavaScript and AttributeUtil.

it also involves adding another attribute in ldap which while be used to store pin attribute 

review javadoc as well as infomap.

Dear IVIA team,

We have implemented password-based  authentication in IBM Verify Identity Access, however we have an additional requirement to implement pin (numeric code, ex: 1073) based authentication as well. Users can select either password based or pin-based authentication mechanism (first factor authc) to access protected backend web application.

As user passwords will be stored in IBM Security Verify Directory's userPassword field, so we can't use the same attribute to store pin, so we might need to add additional custom attribute to store pin and hash it. We have also requirement to implement account lockout (3 invalid attempts), reset pin, and change pin functionality. If anyone implemented pin-based authentication (first factor), please guide us steps, provide reference, docs, link would be appreciated. Thanks for your support.

Regards

SK

Dear IVIA team,

We have implemented password-based  authentication in IBM Verify Identity Access, however we have an additional requirement to implement pin (numeric code, ex: 1073) based authentication as well. Users can select either password based or pin-based authentication mechanism (first factor authc) to access protected backend web application.

As user passwords will be stored in IBM Security Verify Directory's userPassword field, so we can't use the same attribute to store pin, so we might need to add additional custom attribute to store pin and hash it. We have also requirement to implement account lockout (3 invalid attempts), reset pin, and change pin functionality. If anyone implemented pin-based authentication (first factor), please guide us steps, provide reference, docs, link would be appreciated. Thanks for your support.

Regards

SK