Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
Azure Self-Service Password Reset
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 51%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBC%3C/text%3E%3C/svg%3E)
Brian Cornelius
1
Reputation point
Self-Service Password Reset is turned OFF in Azure AD. We manage password changes outside of O365. Via Azure AD > Password Reset > Audit Logs we're noticing that bad actors have managed to achieve "Success" (per the logs) in changing a user password, however, they then show "Failure" because a password change is not a write-back attribute in our environment.
The question is how are they getting this far in the first place and what can be done to stop it?
Microsoft Security | Microsoft Entra | Microsoft Entra ID
-
Andy David - MVP 160.1K Reputation points MVP Volunteer Moderator2023-06-23T18:25:46.8066667+00:00 Bad actors = non employees? Are you requiring MFA?
-
Brian Cornelius 1 Reputation point
2023-06-23T18:57:31.97+00:00 Yes, not affiliated with us. We do require MFA, but via OKTA. That decision was made long ago. Example log entry:
Sign in to comment
1 answer
Sort by: Most helpful
-
Deleted
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more