In this section, we configure the password reset capabilities of Azure AD to reduce support costs and 24/7 availability. We use no restrictions on the service and we require just one verification option to reset the password:
Password reset - Properties dialog to select the activation options
To verify the reset, we use several methods:
Password reset - authentication options
The next option we activate forces the user to register:
Password reset - Registration requirement and confirming choices
Next, we configure the related notifications.
In this section, we configure the notifications options so that the administrator will be notified if anomalous sign-ins or administrator password resets happen:
- Configure the
Notificationsas shown here:
Password reset - NotificationS options
- Users will be forced to register for a password reset, as shown in the following screenshot:
Registration enforcement
Now, we will test our newly configured feature and will see the registration scenario required for your verification options. Next, we will check the password reset.
Test the newly configured settings and log in as Don.Hall@domain.onmicrosoft.com to https://myapps.microsoft.com.
You will receive a message that you need to register for a password reset:
Authenticator app - setup procedure
Add your preferred method for Don Hall. You will receive an SMS text message, an email to your mailbox, or another of your defined response methods.
Log in as admin@domain.onmicrosoft.com to https://myapps.microsoft.com , and you will see the request for two verification options.
In the next steps, we will verify the functionality.
Open https://myapps.microsoft.com in your preferred browser and enter Don.Hall@domain.onmicrosoft.com. Click the Can't access your account? option or use the following link, https://passwordreset.microsoftonline.com, to start the password reset process. You will come into the verification process, and you need to follow the tasks. Finish the process and log in with the new password.
