| allowIgnoreIpAddressForRba | Boolean | Flag indicates if ignore ip address for rba will be allowed or not. | [optional] |
| authenticators | List<AuthenticatorsEnum> | The list of second factor authenticator types that can be used during a password reset operation. | [optional] |
| challengeSize | Integer | For a KBA authenticator, it is the number of questions that the user must answer--not supported if these settings are part of a Group Policy (not the Global Policy). | [optional] |
| emailAccount | Boolean | Indicates whether an email should be sent to notify the user account has been locked, unlocked, or an attempt of unlock has occurred. | [optional] |
| emailOtpEnabled | Boolean | Indicates if OTP can be sent to email. | [optional] |
| enabled | Boolean | Indicates whether password reset is enabled. | [optional] |
| groups | List<Group> | Groups that can perform a password reset operation--not supported if these settings are part of a Group Policy (not the Global Policy). | [optional] |
| twoSecondFactorRequired | Boolean | Indicates whether two forms of second factor authentication must be completed before a password reset operation can be done. | [optional] |
| unlockAccount | Boolean | Indicates whether the user account should be unlocked after a password reset operation is completed. | [optional] |
| version | Integer | Indicates the version of this model. | [optional] |
| wrongAnswersAllowed | Integer | For a KBA authenticator, it is the number of questions that the user could answer incorrectly and still be considered a valid response--not supported if these settings are part of a Group Policy (not the Global Policy). | [optional] |