Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow mandatory Self-Service Password reset options when requiring more than a single recovery option

    Allow the administrator to specify a mandatory recovery option when enabling Self-Service Password resets. That way you can require an option like "Questions and Answers" but still allow the end user to choose an alternative recovery option.

    For example if you enabled Cell Phone, External Email, and Questions and answers. And then flagged Questions as a mandatory choice, then it would allow just the option to choose from email, or cell as the 2nd recovery option. Instead of being able to just choose email, and cell which for most users is a single recovery point on their cellphone.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  2. Provide different security options for staff & students for Education clients

    As an educational institution, we would like to have staff & students use this feature. We feel we would want to provide different security questions to those groups. Currently, the security options are only available for the entire entity and we cannot have different options for groups of users. For this reason, we will only use this for staff at this time.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  3. AAD SSPR admin notifications issue with AAD PIM

    AAD PIM is a bypass for AAD SSPR admin password reset notifications

    Give us the option to specify who should get notified when a admin or eligible admin resets their password.

    I confirmed the notification is not sent to eligible admins (not good)
    I assume its also not sending the notification to current admins if a eligible admins resets his password.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback! To clarify, you want all eligible admins to receive a notification when an admin resets their password?

    At this time, you can ensure that other admins are notified when an admin resets their password. Check out this setting under the Notifications tab in the Password reset section of the Azure AD portal.

    Thanks,
    Sadie Henry (sahenry)

  4. Additional notification settings "Notify manager on password resets"

    Currently there are 2 notification settings on SSPR: [Notify users on password resets] and [Notify all admins when other admins reset their passwords].

    Could you add "Notify manager on password resets" so that user's manager is notified when the user reset his/her password?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  5. Password Reset not sending code

    Password Reset not sending code if it is requested by phone, only if you add a number 1 in front of the number, I tried two times without it and never got a code, once I added it I got it.
    Please add a note right next to the input field for the phone number stating that the number one is needed.
    Thanks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  6. SSPR should prevent the use of previous historic passwords used on the account for “X” times (as is standard for on-premise systems)

    Office 365 tenant is a managed domain with all cloud based accounts. Users within the tenant tend to register on private company websites (fitness trackers, consumer purchases, etc.) using their enterprise email address from the tenant. Some of the public company sites get compromised and expose their passwords in clear text, which are then sold on the black market. When those Office 365 accounts are identified as “compromised”, meaning an attacker logs in using the login ID and password from the exposed site the tenant administrator resets those affected passwords to random passwords. The users do not know the password…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  7. Allow setting the number of authentication methods a user is required to add during interrupted registration

    Currently the wizard only guides the user to setup up a max of 2 authentication methods. Please make that configurable so you can guide the user to setup all methods instead of having them manually go back into the portal and setup a 3rd or 4th.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enable SSPR on a Windows 10 device that is not Azure AD joined or Hybrid Azure AD joined.

    Due to technical limitations, we’re unable to Azure AD join or implement a Hybrid Azure AD join on our Windows 10 devices. It would be great if Windows 10 had the ability to launch a secure Web browser session to a backend portal (https://aka.ms/sspr) from the Windows 10 login screen “Reset Password” or “Forgot Password” link without the Azure AD joined or Hybrid Azure AD joined requirement.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  9. Unlock account from SSPR without resetting password

    Allow users to unlock their account without them having to reset their password.

    In our organisation, accounts get locked out due to various other reasons and not just because of forgotten password. Option to unlock account should be provided to users who remember their password by asking them for their password, if they choose to just unlock their account.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  10. Can change method

    Hello,

    We find a problem with SSPR.
    In our first test we authorize :
    -Mobile app code
    -Mobile app notification
    -Email
    -Mobile Phone
    -Office Phone

    We required 2 methods for reset.
    Until there no problem.
    We made some test and it works.
    But we ask us to desactivate the Mail method and add security questions as a valid method.

    We did it.

    For someone that don't have register yet, no problem, but for someone that had already register we have a problem.
    He can't add questions method.
    We test with the preview version of SSPR registration:
    https://docs.microsoft.com/fr-fr/azure/active-directory/authentication/howto-registration-mfa-sspr-combined

    We can delete…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  11. Publish an API to get the remaining number of days before a specific user will be asked to reconfirm his/her authentication information.

    The idea is to publish an API to get the remaining number of days before a specific user will be asked to reconfirm his/her authentication information.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  12. Display Password Requirements

    Similar to the method used to display company's logo, create method to input and display company's password requirements in window where user is changing their password.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  13. Configure SSPR Authentication methods for admin roles

    By default, administrator accounts are designed to use two-gate password policy for authentication and this can't be changed.
    These options can be changed only for users.
    Please provide this options also for administrators.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  14. Re-design the security information registration option

    The ability to enforce registration of security information to trusted location works great, but the design seems flawed.

    We don't have the ability to exclude the security information registration page from conditional access. If we enforce conditional access on All Cloud Applications and require Hybrid Azure AD or Compliant Devices external consultants / subcontractors won't be able to do the initial sign-up.

    Instead of adding the option "User Action" to Azure Conditional Access you should have added an application that we could exclude or the ability to exclude "User Action" from a "Cloud Apps" policies. I think this is due…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  15. mon compte bloque free

    comment débloque mon compte bloque

    merci

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  16. Remove requirement for trusted networks for combined Azure MFA and SSPR enrollment

    When deploying SSPR or Azure MFA independently, neither requires the user be on a trusted network. However, the combined registration (currently in preview) does require they be on a trusted network. This makes deploying to existing users who may be anywhere in the world impossible.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  17. Staff discount

    My password never works signig in on this site to reserve my staff discount number please send me a code to my mobile so I can reset pass word my number is 07885531073 thanks lee john

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  18. branding

    Expand organization branding to the 'change my password' page when users are already signed on to Office 365.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  19. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  20. SSPR Hyperlink

    SSPR works great. All you need to remember is https://aka.ms/sspr
    Unfortunately, most users do not remember this URL, nor do they store a bookmark in the browser of their mobile device/tablet.
    So if they forget their password, they still call operations.

    Would it be possible to add a link to this URL for example in the microsoft authenticator app ?

    Most users have this on their mobile device anyhow (to be able to reset their password), so having the URL towards SSPR available their would make it easier for them.

    Alternative could also be to develop an 'SSPR app'. But…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base