Azure AD - New User - Disable Force Password Change and SSPR

Question

Nouman Khan 21

HI,

When a create a new user in Azure AD, and the user tries to login for the first time:

1) AD asks user to change the password
2) AD asks to set the self-service password reset - configure an email, phone, memorable answer etc

I want to disable both these features - when I create a new user, he should be able to sign-in directly.

How can I achieve this?

3 answers

Answer 1

James Hamil 27,211 Microsoft Employee Moderator

Hi @Nouman Khan , you can accomplish this by following these steps:

If you no longer want to use the SSPR functionality(...) set the SSPR status to None using the following steps:

Sign in to the Azure portal.
Search for and select Azure Active Directory, then select Password reset from the menu on the left side.
From the Properties page, under the option Self service password reset enabled, select None.
To apply the SSPR change, select Save.

Please let me know if you have any questions and I can help you further.

If this answer helped you please mark it as "Verified" so other users can reference it.

Thank you,
James

Nouman Khan 21 Reputation points

2022-09-29T05:05:36.477+00:00

Thanks.
What about Force change password for new user?
Whenever new user logs in - Azure asks to update the password - I do not want to use this. The user should be able to use the initial password set by admin for login.
Braden Roof 0 Reputation points

2024-09-25T12:17:23.13+00:00

I know the steps provided, the issue is the option to uncheck the force password change is grayed out. How do I enable the option so I can uncheck it when needed?

Answer 2

Andy David - MVP 157.4K MVP Volunteer Moderator

or

the Office 365 portal and uncheck this option:

Answer 3

Henri Koelewijn 6

Is it possible to change this per user or per group or only for all users in the AD.