AAD Password Reset: Possibility for helpdesk for user verification
We have users, which are registered for Azure AD Password Reset service. They have filled out the security questions and other options for using the AAD Password Reset self-service.0
Sometimes the users have Problems to use the self-service in case of different things (forgotten smartphone, answers etc.). In this case, they can call the Helpdesk (ServiceDesk) for further assistant. Now, we are looking for a possibility to make a verification of the user, who is on the other end of the phone.
Therefor a feature or possibility for members of the Helpdesk/ServiceDesk to verify the calling person with informations are stored from the user itself in the AAD Password Reset service would be great and give more security for requests by phone.
For example, the caller have to answer a hole or a part of a verification question and the member of the helpdesk can type it into a form and get the response from the AAD Password Reset service, if the answer was correct or not. So the helpdesk employee can be sure, that the caller is the right one.
Hi folks! Thanks for your feedback! We are considering this feature. Keep voting if this is important to you!
Adam Driver commented
Is this still under review? I agree SSPR questions etc are a good way of verification, i think potentially extending the notification types within Microsoft Authenticator would also be a good way - have clear notifications that approvals can be for authenticating access to services and have a different notification for user authentication and not resource authentication - e.g. "<EngineerName> would like to verify that you are working with them on a support ticket you raised." Confirm/Reject
I would say in these times where most people are working from home and remote support is required, this is now more important than ever.
Arindam Laha commented
This is will be a very useful feature , is there an ETA when this is available for preview and GA
Would like to see this feature implemented.
Is there an ETA approx when this capability can be made available?