Symptom:

When clicking the "Cant access your account?" link on the SFE login page, you are transferred to a page with a selection of authentication types, without the ability to reset own password.


Cause:

The issue appears since by default, allowing users to reset their own passwords is not enabled by default in the vault DBParm.ini, denying it from the SFE as well.


Solution:

In order to enable users to reset their passwords via SFE, follow these steps:

  1. Go to the vault server and edit the DBParm.ini to add the following 2 values to it:
    ForgetMyPasswordEnabled=Yes
    ResetPasswordRequireSecurityQuestions=Yes
  2. Restart the vault server application
  3. Go to the SFE server, and initiate an IISRESET command
After the above, go to the SFE login page, press the "Cant access your account?" link, and this time it will redirect to a reset password page instead of the authentication selection page.