Since the introduction of Microsoft Azure Active Directory, Microsoft has introduced many features to simplify both IT management and end-user experience.

And it continues with the self service password reset feature.

Until then, there has been 3 options to allow to identify an end-user asking to reset his password through the self-service portal:

  • Office Phone
  • Mobile Phone
  • or Alternate email address

Now, Microsoft is introducing a well known feature to these 3 existing: the security question.

Enable security question password reset option

To enable this feature, logon to you Azure management portal (https://manage.windowsazure.com) and reach out the Active Directory section

image

Then open your directory and reach the Configure tab

image

Then, below the User password reset policy section, enable the Security Questions option

image

You then have to define how many security question are needed to identify the user, the number of security question the end-user needs to answer and finally define the security questions and save your modification

image

 

Use security question option to reset your password

Instruct your end-user to reach this page http://go.microsoft.com/fwlink/?LinkId=309629 to register themselves to the self service password and answer the security question you have defined

imageimage

This is it; then if an end-user needs to reset his password (the Can’t access your account? link below the authentication form) he will be able to use the security question option to be identified and reset his password (and if he has answered the security question)

imageimageimage