Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Security Questions provides administrator configurable challenge questions for use during the log in and password reset processes. Think of it like most bank website logins.
Log In Process
If enabled, depending on the selected protection mode, the log in form is altered in 1 of 2 ways:
- To just show the username field and a submit button. Once a user enters their username, the module searches for their account, and randomly brings back one of their security questions. They then need to provide the answer to the questions as well as their password for authentication.
- To show both the username and password fields up front, then after validating the supplied username and password, the user is prompted with a randomly selected question they have answered.
Password Reset Process
If enabled, the user is required to answer a question before the password reset process could continue.
The user register form also gets a fieldset of questions so that the user can pick what question they want to answer and a textbox for their answer.
Once logged in, the user will see a tab on their account page called "Security Questions." This page lists the questions that they have chosen to answer, and provide a link for them to edit their answer.
Features
- Admin configurable questions
- User supplied answers
- Option to allow user supplied questions
- Option to have questions before or after username & password verification
- Bypass-able by permission
- Challenge on lost password request
- Configurable cookies to show or hide the questions
- Feature requests are accepted. Just post in the issue queue
Dependencies
- The D7 version has no outside dependencies.
- The D6 version depends on ctools for the user supplied questions feature (dependent fields).
Versions
The 7.x-1.x/6.x-1.x branches of Security Questions are now bug fixes only. All new feature requests will be added to the 7.x-2.x/6.x-2.x branches.
Other Modules
Riddler is a sub module of Captcha and therefor requires it. Security Questions has no external dependencies, and only works on the log in / register forms. In addition, Riddler uses admin configured questions and answer pairs. Security Questions lets the admin come up with questions, and then lets the users submit their own answer to the question.
Supporting organizations:
Project information
- Module categories: Security, Access Control
92 sites report using this module- Created by chertzog on , updated
Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
Releases
7.x-2.0
released 30 June 2013
released 30 June 2013
Works with Drupal: 7.x
✓ Recommended by the project’s maintainer.
Development version: 7.x-2.x-dev updated 14 Jun 2014 at 12:33 UTC
