To determine if users can reset their passwords with SMS, which policy should be reviewed?

The focus on whether users can reset their passwords using SMS directly relates to mobile device functionalities and the policies that govern those capabilities. The Mobile Policy specifically addresses mobile authentication methods, including SMS as a viable option for password resets. This policy delineates the processes that allow users to utilize their mobile phones for security-related actions, such as receiving one-time passcodes or reset links via SMS.

By reviewing the Mobile Policy, administrators can determine if SMS is enabled as a mechanism for password recovery, ensuring that users can authenticate and reset their passwords securely through their mobile devices. The nuances of how SMS is integrated into the password reset process fall under this policy, making it essential for understanding the available options and access for users.

In contrast, the Organization Policy generally outlines broader organizational security standards, the Okta Password Policy specifically governs the rules and requirements for password complexity and security, and the Active Directory Policy pertains to directory-specific configurations and does not directly relate to how mobile functionalities like SMS are handled within Okta.