To prevent a program or user from identifying valid email addresses, CAPTCHA is available. When CAPTCHA is enabled, you must complete the CAPTCHA field when completing the self-registration page or when retrieving a forgotten username or password.
The availability of this functionality is controlled by a security setting which can be managed in the Security Health Check tool.
Forgot Password
If CAPTCHA is enabled for your portal and you click the Forgot Password? link on your login page, the Forgot Password page appears with the CAPTCHA functionality.
In order to retrieve a password for the corresponding User ID, the you must enter a valid User ID. You must also enter in the CAPTCHA field the two words that appear above the field. If either the User ID or CAPTCHA words are not valid, one or more error messages are displayed.
If both the User ID field and the CAPTCHA field are entered properly, a confirmation message is displayed.
Forgot Username
If CAPTCHA is enabled for your portal and you click the Forgot Username? link on your login page, the Forgot Username pop-up appears with the CAPTCHA functionality.
In order to retrieve a username for the corresponding email address, you must enter a valid email address. You must also enter in the CAPTCHA field the two words that appear above the field. If either the email address or CAPTCHA words are not valid, one or more error messages are displayed.
If both the Email field and the CAPTCHA field are entered properly, a confirmation message is displayed.
Self-Registration
If CAPTCHA is enabled for a portal, a CAPTCHA widget appears at the bottom of the Self-Registration page. The exact location of the widget is dependent upon the other options that are available on the page.
When CAPTCHA is enabled, users must enter in the CAPTCHA field the two words that appear above the field.
When the or button is clicked, the system first validates that all required fields have been entered. The system then validates the CAPTCHA values. Finally, the system validates that the user does not already exist in the system and that the password follows the password creation guidelines.
