Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Simon Clarke

My feedback

  1. 354 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    65 comments  ·  Azure Active Directory » B2C  ·  Flag idea as inappropriate…  ·  Admin →

    We have started the planning for this feature and hope to have a preview by the end of the calendar year. In the meantime, could you respond to aadb2cpreview@microsoft.com with the answers to the following questions:
    - In which scenarios do you plan to force the user to change his/her password?
    - What kind of information (if any) would you like to get back if the user goes through the reset flow?
    - Do you currently or plan to track which users have reset their password?

    An error occurred while saving the comment
    Simon Clarke commented  · 

    I managed to get this escalated in the middle of April 2021 via a customer with premier support, and I was pleasantly surprised that Microsoft fixed it within a couple of weeks.

    So for me too I am happy to say that the expired password issue when using forceChangePasswordNextSignIn = true is now resolved, and I believe the fix was rolled out globally.

    Unfortunately there are still several other issues with the out-of-the-box signin user flow. For example having configured MFA to go via SMS, why does the password reset MFA code insist on going via email? And our accessibility auditors identified 6 category A issues, including a really basic tab-order issue which is annoying for everyone not just those with accessibility needs. But I guess these are issues for any thread!

    Simon Clarke supported this idea  · 
    An error occurred while saving the comment
    Simon Clarke commented  · 

    I agree with the previous 2 posts. I'm following the same Microsoft documentation, but this feature isn't working.

    New B2C tenant, using the recommended signin user flow, with all the latest screen versions, including one called "Update expired password page" v2.1.4.

Feedback and Knowledge Base