AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() ![]() The Microsoft spokesperson confirmed that deleting the password from a Microsoft account will provide a "more secure, simple, and fast way to authenticate" and "completely remove your password from your Windows sign-in for added security." This could lead to the confusing situation whereby a user could go passwordless as far as their Microsoft account is concerned but still need a password (even if only in the background behind Windows Hello) for their Windows 10 or 11 access. OK, that led me to ask about Windows specifically because not everyone uses a Microsoft account to sign in on their Windows platform some prefer to use a local account instead. As always, it's not quite that clear cut as things like biometric controls to get past the lockscreen and a PIN to unlock your sim card if the phone is reset also need to be taken into account here. Anyone getting access to your phone could potentially get your primary and secondary authentication details. You might have spotted a problem here if you are using the app on the same phone number as one of those other verification methods. However, if the user enables two-step verification on the account, which is still possible and still recommended, then "they will need to provide codes sent to two different verification options." When your users sign in, they will be prompted to enter additional contact information that will help them reset their password in the future."If a user loses access to the Microsoft Authenticator app for whatever reason," a Microsoft spokesperson told me, "they can still recover their account if they have access to their other verification options, such as an email or phone number." As standard, this would simply be one code, and you are back in.On the Password reset | Properties page, select Authentication methods and select the Number of methods required to reset and desired Methods available to users, and then select Save.Select All to enable self-service password reset for all your users, or choose Selected to specify Groups you want, and then select Save.In the left navigation pane, select Users, and then Users - all users.Select Self-service password reset, and then choose Go to the Azure portal to turn on self-service password reset.In the Microsoft 365 admin center, in the left navigation pane, select Settings > Org settings, and then Security & privacy.Steps: Let people reset their own passwords ![]()
0 Comments
Read More
Leave a Reply. |