Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

We have a new log in experience integrated with Azure AD, and we strongly recommend you log in with your Azure AD (Office 365) account. If your UserVoice account is the same email address as your Azure AD account, your previous activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

How can we improve Azure Active Directory?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to to remove or customise the default message that we get during SSPR password reset via login screen for Win10 machines.

    Need the ability to remove or customize the default message that we get during SSPR password reset via login screen on Win10 machines. It says '8-16 characters, case sensitive, one number or symbol". This message is conflicting for the end-users as the organizations password policy may not be as stated in the hardcoded message. We need a way to customize it or remove it so that it doesn't confuse end-users.
    Also an important thing to note is that this message is not available when we use SSPR via the online link https://passwordreset.microsoftonline.com/ , its only available when the SSPR reset…

    8 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      3 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
    • Self Service Password Reset (SSPR) - Adding exception for users

      We have created many users through Application in Azure AD. And these users are not a part of any Azure AD groups.
      SSPR is not capable of adding exception for those users, who doesn't want to enable this functionality as they are not logging using WEB URL.
      If Azure platform could provide any conditional access just like MFA it would be of added advantage.

      5 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
      • Make SSPR from login screen to work togheter with "Interactive logon: Don't display last signed-in" policy

        Even if in this document https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-sspr-windows it mentions that it interferes with SSPR this should be make to work. There are companies that use this policy across thousands of PCs for years to protect identity of logged on user when locked. Also this was Microsoft recommendation https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name

        If no user is displayed, we should ask for username exactly like login prompt does with this policy applied.

        5 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
        • Customizable password reset screen

          Enable the admins to customize the password reset screen that can allow to add the company name and a customized message for password expiry. Also the expiry notification to appear on the users email prior to 14 days.

          5 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

            Thank you for your feedback! We are reviewing this request and will keep you updated. Can you tell us more about where you want the message to be displayed and what you would customize it to be?

            Thank you,
            Sadie Henry

          • Azure SSPR - Provide Message for Users when connecting to 802.1x networks

            For the most part, our users do not connect to 802.1x networks, but when they do SSPR simply fails without any feedback. To improve the user experience, please add an option to provide a custom message when SSPR fails.

            4 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
            • Clarify messages for password resets

              When you are forced into a password reset (example: password expired), you get the most shady and generic messages that you have no idea what the problem is.

              In my case it turned out to be a password with more then 16 characters, why is there a max limit on a password for (only) 16 characters?

              Also why are top 100 most used passwords like Welkom01! (dutch version of Welcome01!) accepted!? All my brilliant combinations are rejected because "Microsoft seen them to often", but a top 100 password slides right by.

              Can your error's be more specific so an actual…

              4 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
              • Lock fields for SSPR synchronized and populated from on-prem and make them read-only

                We have another portal where our users enter their phone number, alternate phone, mail, etc. to be used for MFA and SSPR.

                We'd like to disable the option for users to be able to edit those fields online in the SSPR portal and instead provide them with a link to the portal where they can change the information. The fields should be visible but read-only.

                4 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                • We need to redirect password reset to our portal from inside mop, users sync from AD but there passwords not sync to cloud

                  We need to redirect password reset to our portal from inside mop, users sync from AD but there passwords not sync to cloud

                  4 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                  • Password policies for cloud accounts should provide the same options as AD accounts

                    Azure Active Directory Cloud-only accounts don’t adhere to our company's password policies. Notably the following company standards are not easily implemented (if at all possible) for cloud only accounts:

                    Password ot derived from User ID
                    Password history must be significantly different from the previous 24 passwords.
                    No repeated characters (e.g. AAAAAbl$%)
                    Exclude keyboard patterns (e.g. QWERTY789)
                    Account lockout 6 times in a row during a 30-minute time period

                    3 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                    • CA for SSPR

                      Introduce conditional access for SSPR service so that users can reset their password only from known (Azure AD joined) devices.

                      3 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                      • Allow 'Require users to register when signing in ?' to be linked to an AAD Group so we can phase it out

                        As above. We don't want to turn this on and hit ALL user at their next logon (too risky due to the numbers involved). We want to phase this out via an AAD group.

                        3 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                        • Azure AD password reset from the login screen password expiration notification

                          Azure AD password reset from the login screen has no password expiration notification, when the password is expired. Although, you can click on "Reset password" to reset your password, it doesn't tell you that the password is expired and that you should reset it.
                          It would be good if such a password expiration notification on the login screen would be implemented.

                          2 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                          • Add a 3rd option 'I know my password and would like to change it'

                            After you provide your username and satisfy the captcha you are presented with two options:

                            'I forgot my password'
                            'I know my password, but still can't sign in'

                            My suggestion would be to add a 3rd option, 'I know my password and would like to change it'. This 3rd option would link to the Azure option to change their password here: https://account.activedirectory.windowsazure.com/ChangePassword.aspx

                            I realize that this 3rd option is not related to a password reset, but we are trying to drive adoption of SSPR in our organization as a one-stop shop for all their password needs. We've had users call…

                            2 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                            • Check is Caps lock is on when someone attempts to reset their password using SSPR

                              Would it be possible to warn the user attempting to reset their password using SSPR to that their caps lock key is active?

                              2 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                              • SSPR Registration - Restrict Registration to the the members of the SSPR Group

                                Restrict registration to the members of the SSPR Reset Group , we do not want everyone to be able to register , it gives a false sense of the utility being available to everyone when it is not in our case. Only selected users are allowed to use SSPR reset

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                • Allow domain admins to customize the "Password" link for SSPR

                                  In Google Apps, once a user is logged in and if tries to change password. Clicking on Password link will take the user to the our own Password Manager solution. This is customized by Admin.

                                  It will be very nice if Azure provides the same feature in Azure AD

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Allow mandatory Self-Service Password reset options when requiring more than a single recovery option

                                    Allow the administrator to specify a mandatory recovery option when enabling Self-Service Password resets. That way you can require an option like "Questions and Answers" but still allow the end user to choose an alternative recovery option.

                                    For example if you enabled Cell Phone, External Email, and Questions and answers. And then flagged Questions as a mandatory choice, then it would allow just the option to choose from email, or cell as the 2nd recovery option. Instead of being able to just choose email, and cell which for most users is a single recovery point on their cellphone.

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Provide different security options for staff & students for Education clients

                                      As an educational institution, we would like to have staff & students use this feature. We feel we would want to provide different security questions to those groups. Currently, the security options are only available for the entire entity and we cannot have different options for groups of users. For this reason, we will only use this for staff at this time.

                                      2 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

                                        Thank you for your feedback!

                                        Are you wanting to ask different questions to different users, or specific different methods for different users (i.e. staff uses email and students use security questions)?

                                        Thanks,
                                        Sadie Henry

                                      • AAD SSPR admin notifications issue with AAD PIM

                                        AAD PIM is a bypass for AAD SSPR admin password reset notifications

                                        Give us the option to specify who should get notified when a admin or eligible admin resets their password.

                                        I confirmed the notification is not sent to eligible admins (not good)
                                        I assume its also not sending the notification to current admins if a eligible admins resets his password.

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

                                          Thank you for your feedback! To clarify, you want all eligible admins to receive a notification when an admin resets their password?

                                          At this time, you can ensure that other admins are notified when an admin resets their password. Check out this setting under the Notifications tab in the Password reset section of the Azure AD portal.

                                          Thanks,
                                          Sadie Henry (sahenry)

                                        • Regarding SSPR, I would like to be able to enforce to users the number of methods to register.

                                          Regarding SSPR, I would like to be able to enforce to users the number of methods to register.
                                          So, it will be number of methods available to users.
                                          Then, Minimum number of methods required to register.
                                          Then, Minimum number of methods required to reset.

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            1 comment  ·  Self-Service Password Reset  ·  Flag idea as inappropriate…  ·  Admin →

                                            Hi folks! Thanks for your feedback! The ability to set how many methods a user needs to register and how many they need to use to reset their password is planned. I will update you when work has started.

                                          • Don't see your idea?

                                          Feedback and Knowledge Base