disable self service password reset in Azure AD

Vlonjati 1 Reputation point
2021-06-23T09:19:00.85+00:00

I'm struggling to disable the self-service password reset to the tenant users. When trying to do a password reset they are asked to verify/enroll 2FA using a phone nr. and a verified e-mail(I want to disable the personal e-mail verification too).
108497-image.png

After successfully verifying both steps they can reset their password. The setup in Azure AD for password reset is as follows:
108574-image.png

108545-image.png

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 27,221 Reputation points Microsoft Employee Moderator
    2021-06-25T20:30:54.23+00:00

    Hi @Vlonjati , this is most likely due to Security Defaults: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults

    This thread has a lot of good information related to your question. I recommend looking through it and asking me any questions you may have!

    If nothing here solved your issue please let me know and I can help you further.

    If this answer helped you please mark it as "Verified" so other users may reference it.

    Thank you,
    James

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.