The GINA user has the option of resetting their password independently (Figure 6).
Figure 6: Screenshot of the GINA login form with emphasized option "Forgot your password?"
Several variants are available for this, which are determined by the SEPPmail Secure E-Mail Gateway operator:
•Triggering a call to the administrator or helpdesk, which will provide the GINA user with a new password.
•Via SSPM. Here, the sending of the password to the GINA email recipient is fully automated– i.e. without any involvement of the helpdesk – and takes place either via SMS or via a password reset email. When the GINA email recipient logs in again, they will be prompted to choose a new password for themselves.
The operator of the SEPPmail Secure E-Mail Gateway can decide whether the resetting process is to be additionally secured by a security question. In this case, the GINA email recipient is asked to enter a security question and answer when registering (see Recipient – Login and one-time registration and Figure 6a).
Figure 6a: Screenshot of the GINA security question entry during registration
The password reset process would start after this security question (Figure 6b) has been correctly answered by the GINA user.
Figure 6b: Screenshot of the GINA security question entry during password reset
In detail, the following reset options are available:
Reset by hotline (default setting)
•The user must answer their security question in order to continue with the reset process.
•The user is prompted to enter a phone number for the helpdesk to call them back.
Reset by hotline, no reminder question/answer
•The user is prompted to enter a phone number for the helpdesk to call them back.
•However, this only works if the GINA interface is opened via a GINA email, i.e. not simply by registration.
Reset by SMS
•The user must answer their security question in order to continue with the reset process.
•If a mobile phone number for the SMS reset was entered when registering, it will be displayed. Clicking the "Send" button triggers the SMS password transmission.
•If no mobile phone number is available, the user is prompted to enter a phone number for the helpdesk to call them back.
Reset by SMS, no reminder question/answer
•If a mobile phone number for the SMS reset was entered when registering, it will be displayed. Clicking the "Send" button triggers the SMS password transmission.
•If no mobile phone number is available, the user is prompted to enter a phone number for the helpdesk to call them back.
•However, this only works if the GINA interface is opened via a GINA email, i.e. not simply by registration.
Let user choose between hotline and SMS
•The user must answer their security question in order to continue with the reset process.
•If a mobile phone number for the SMS reset was entered during registration, a selection appears in which the user can choose between their mobile phone number (for SMS reset) and a telephone number to be entered (the mobile phone number is pre-entered).
•If no mobile phone number is available, the user is prompted to enter a phone number for the helpdesk to call them back.
Let user choose between hotline and SMS, no reminder question/answer
•If a mobile phone number for the SMS reset was entered during registration, a selection appears in which the user can choose between their mobile phone number (for SMS reset) and a telephone number to be entered (the mobile phone number is pre-entered).
•If no mobile phone number is available, the user is prompted to enter a phone number for the helpdesk to call them back.
•However, this only works if the GINA interface is opened via a GINA email, i.e. not simply by registration.
Reset by email verification
The mere fact that this variant is based on email alone means that security is impaired to a certain extent. For this reason, this version of the SEPPmail Secure E-Mail Gateway is only recommended with reservations.
•The user must answer their security question in order to continue with the reset process.
•The user is then prompted to enter a new password and verify it.
•The user will then receive an email with a link. The newly assigned password only becomes valid when this link is activated.
Reset by email verification, no reminder question/answer
The fact that this version is based on email alone means that security is impaired to a certain extent (see above).
Additionally, however, in this setting, owning a GINA email is sufficient to be able to reset the password. A second verification factor, i.e. the answer to a security question, is not required. This means a further impairment of security.
For this reason, this variant of the SEPPmail is not recommended.
•The user is prompted to enter a new password and verify it without a security question.
•The user will then receive an email with a link. The newly assigned password only becomes valid when this link is activated.
•However, this only works if the GINA interface is opened via a GINA email, i.e. not simply by registration.
Disable user profile and password management
This setting prevents the creation of a profile. Resetting the password is not possible. The registration at the GINA interface is only possible by opening a GINA attachment (secure-email.html).
Generally, these settings are only used with automatically generated GINA accounts.
By default, the corresponding GINA admin email "address registered for the corresponding " domain acts as sender of password emails. Likewise, password reset requests are normally sent to this address. This means that a helpdesk collective address should be entered here.
If no helpdesk is available, the sender or the initial sender of the GINA can be informed.
Since all texts of the password reset process can be customised, a helpdesk telephone number can be added, if required.
