Are secondary emails required for clients to do their own password reset? #
Partially. If the Dual Factor Authentication (DFA) method is set to email, a secondary email address must be added to the portal user account for clients to complete a self-service password reset. Without a secondary email, the password reset process cannot be completed by the user independently. However, if the DFA method is set to none or app, users can reset their password by entering a code from their authentication app, and a secondary email is not required.