Since the introduction of Microsoft Azure Active Directory, Microsoft has introduced many features to simplify both IT management and end-user experience.
And it continues with the self service password reset feature.
Until then, there has been 3 options to allow to identify an end-user asking to reset his password through the self-service portal:
- Office Phone
- Mobile Phone
- or Alternate email address
Now, Microsoft is introducing a well known feature to these 3 existing: the security question.
Enable security question password reset option
To enable this feature, logon to you Azure management portal (https://manage.windowsazure.com) and reach out the Active Directory section
Then open your directory and reach the Configure tab
Then, below the User password reset policy section, enable the Security Questions option
You then have to define how many security question are needed to identify the user, the number of security question the end-user needs to answer and finally define the security questions and save your modification
Use security question option to reset your password
Instruct your end-user to reach this page http://go.microsoft.com/fwlink/?LinkId=309629 to register themselves to the self service password and answer the security question you have defined
This is it; then if an end-user needs to reset his password (the Can’t access your account? link below the authentication form) he will be able to use the security question option to be identified and reset his password (and if he has answered the security question)