Password Policy: Obfuscate the Secret Answer for password resets

Impact area

Security

Severity

Medium

Affected element

Profile

Org Config

Rule ID

SF-0113

Impact

Hide answers to security questions as the user types. The default is to show the answer in plain text

Remediation

Enable this setting on the Profile.

Time to fix

30 min

References

This rule is linked to Common Weakness Enumeration CWE-521 Weak Password Requirements.




Last modified on Oct 13, 2020