Azure AD Self-Service Password Reset

Why use self-service password reset?
Why use self-service password reset?

The first line of your IT Servicedesk probably receives a lot of phone calls from your end-users with the request to reset the users password. Resetting a password only takes a minute (or a few minutes when you first need to logon to the server or Office portal) for the engineer, so that`s no big problem. But the person who calls is he really the person who he says he is? With security in mind you need to agree a protocol to verify this information, maybe he needs to send a copy of his identity paper to the Servicedesk (how secure is that?) or contact his manager first to let the manager send an email to the Servicedesk? What kind of protocol is agreed in your company, it will cost your Servicedesk time, your user is not able to access his computer or data and cannot do his daily work. Maybe the user got irritated and complains about the slow response of the Servicedesk.

When your company uses Office 365 or a Microsoft Azure product, you can setup self-service password reset for your users. This allows your users to reset their password themselves by visiting https://passwordreset.microsoftonline.com. The user needs to fill in his email address and depending on the options you allowed as an administrator the user will receive a text message or call on his (mobile) phone, receive an email on a alternate email address or need to answer some security questions to reset the password.

To setup the self-service password reset option you only need to purchase an Azure AD Basic license for your cloud only users or an Azure AD Premium license (to enable password-writeback to on-premises) for your on-prem users. Be sure a (mobile) number or an alternate email address is filled in at the users profile, based on the allowed reset options. A few other options you can set as an administrator you can see in the print screen below:
self-services-password-reset-options

This is a secure option to provide your users (cloud only en on-premises) the option to reset their password without the need to contact your Servicedesk.

My next article I will write about Intune Mobile Application Management.

 

Share This!

Be the first to comment

Leave a Reply

Your email address will not be published.


*