Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Enable SSPR to reset Windows cached credentials

    In reference to - https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-sspr-windows

    Its great that SSPR can now be invoked from the login screen. This however seems like a relatively minor benefit to the average user since most have a mobile device with which they can follow the flow. I don't mean to demean the achievement since its definitely needed. However, what is a major issue (and which generates just as many support issues (and erodes IT credibility) as no SSPR at all) is the lack of SSPR for cached credentials when users are off the network/VPN. This happens to be the most common use case we…

    59 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      8 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
    • Update or remove the CAPTCHA verification in the SSPR

      The CAPTCHA verification in the initial SSPR portal page is most of the time really hard to read and it take 4-5 attempts to actually start the password reset or account unlock process and this frustrates our end-users.

      I understand the reason the CAPTCHA is there but maybe replace it by the reCAPTCHA with images instead of those hard to read letters.

      Ps. the current captcha is case-sensitive but there are no info in SSPR to highlight that :(

      21 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        6 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
      • SSPR - Allow user unlock from the windows 10 logon screen.

        You recently implemented the password reset from the Windows 10 logon screen. However, the possibility of unlocking the user when they remembered the password was lacking.

        I remember that this functionality already exists through the MIM or Azure reset link.

        64 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          5 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
        • Ability to to remove or customise the default message that we get during SSPR password reset via login screen for Win10 machines.

          Need the ability to remove or customize the default message that we get during SSPR password reset via login screen on Win10 machines. It says '8-16 characters, case sensitive, one number or symbol". This message is conflicting for the end-users as the organizations password policy may not be as stated in the hardcoded message. We need a way to customize it or remove it so that it doesn't confuse end-users.
          Also an important thing to note is that this message is not available when we use SSPR via the online link https://passwordreset.microsoftonline.com/ , its only available when the SSPR reset…

          8 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            3 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
          • Disable SSPR by group (exclude group from SSPR)

            Currently, you can configure SSPR to be enabled for your entire organization or for a specific group. It would be nice to have the ability to disable/exclude a specific group (e.g. enable for the entire organization except for a specific group(s)). The use case would be a scenario where almost the entire company should have SSPR but there are sensitive accounts that should not be enabled for it.

            15 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
            • Granular options for Self Service Password Reset Factors

              It would be nice to be able to configure self service password reset MFA with as much granularity as application MFA policies.

              1) Restrict what factors you can use based on trusted device, network location, etc.

              2) Specify different policies for different user groups. For example, administrative users who are not AAD administrators.

              3) Restrict by domain and have different rules per domains syncing up to the same tenant.

              11 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
              • Self Service Password Reset (SSPR) - Adding exception for users

                We have created many users through Application in Azure AD. And these users are not a part of any Azure AD groups.
                SSPR is not capable of adding exception for those users, who doesn't want to enable this functionality as they are not logging using WEB URL.
                If Azure platform could provide any conditional access just like MFA it would be of added advantage.

                4 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                • AAD Password Reset: Possibility for helpdesk for user verification

                  We have users, which are registered for Azure AD Password Reset service. They have filled out the security questions and other options for using the AAD Password Reset self-service.0

                  Sometimes the users have Problems to use the self-service in case of different things (forgotten smartphone, answers etc.). In this case, they can call the Helpdesk (ServiceDesk) for further assistant. Now, we are looking for a possibility to make a verification of the user, who is on the other end of the phone.

                  Therefor a feature or possibility for members of the Helpdesk/ServiceDesk to verify the calling person with informations are…

                  28 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                  • Make SSPR from login screen to work togheter with "Interactive logon: Don't display last signed-in" policy

                    Even if in this document https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-sspr-windows it mentions that it interferes with SSPR this should be make to work. There are companies that use this policy across thousands of PCs for years to protect identity of logged on user when locked. Also this was Microsoft recommendation https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name

                    If no user is displayed, we should ask for username exactly like login prompt does with this policy applied.

                    5 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                    • Azure SSPR - Provide Message for Users when connecting to 802.1x networks

                      For the most part, our users do not connect to 802.1x networks, but when they do SSPR simply fails without any feedback. To improve the user experience, please add an option to provide a custom message when SSPR fails.

                      4 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                      • Password policies for cloud accounts should provide the same options as AD accounts

                        Azure Active Directory Cloud-only accounts don’t adhere to our company's password policies. Notably the following company standards are not easily implemented (if at all possible) for cloud only accounts:

                        Password ot derived from User ID
                        Password history must be significantly different from the previous 24 passwords.
                        No repeated characters (e.g. AAAAAbl$%)
                        Exclude keyboard patterns (e.g. QWERTY789)
                        Account lockout 6 times in a row during a 30-minute time period

                        3 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                        • Azure AD password reset from the login screen password expiration notification

                          Azure AD password reset from the login screen has no password expiration notification, when the password is expired. Although, you can click on "Reset password" to reset your password, it doesn't tell you that the password is expired and that you should reset it.
                          It would be good if such a password expiration notification on the login screen would be implemented.

                          2 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                          • Ok!

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                            • Add the ability to reset/clear SSPR registration information.

                              We have the ability to clear/reset MFA registration information. It would be great if we had the ability to do the same for SSPR information. Our service desk has asked us a few times if we could do this but we tell them no. It would also be great for us when we try and test new registration steps.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                              • CA for SSPR

                                Introduce conditional access for SSPR service so that users can reset their password only from known (Azure AD joined) devices.

                                3 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                • Enable in AAD admin portal for allow only select users or groups to change password from Office 365 Portal

                                  This option is for the user security for not allow change password if the user is not enable MFA, in the case that other user know your password and MFA is not enabled.

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                  • SSPR APIs to create or update challenge questions

                                    It would be good to have APIs to update the challenge questions and response for SSPR. in that way, it can be integrated with an existing user self - registration solution.

                                    1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Add a 3rd option 'I know my password and would like to change it'

                                      After you provide your username and satisfy the captcha you are presented with two options:

                                      'I forgot my password'
                                      'I know my password, but still can't sign in'

                                      My suggestion would be to add a 3rd option, 'I know my password and would like to change it'. This 3rd option would link to the Azure option to change their password here: https://account.activedirectory.windowsazure.com/ChangePassword.aspx

                                      I realize that this 3rd option is not related to a password reset, but we are trying to drive adoption of SSPR in our organization as a one-stop shop for all their password needs. We've had users call…

                                      2 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Check is Caps lock is on when someone attempts to reset their password using SSPR

                                        Would it be possible to warn the user attempting to reset their password using SSPR to that their caps lock key is active?

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Prevent user from reset Password with same mobile phone - app & message

                                          Today a user can use the same mobile phone for password reset by using text message / phone call and authenticator app...

                                          To view the text message, answer the call and / or accept the push notification it is not necessary to unlock the phone.

                                          So what's the use of forcing two methods for password reset?

                                          We need an option to prevent user from reset password by using app notification and phone message / call. The Authenticator App could access the mobile phone number, used by the device and the admin should have the option to prevent accepting push notifications…

                                          1 vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4
                                          • Don't see your idea?

                                          Feedback and Knowledge Base