Overview of the Users page in Microsoft 365 Lighthouse

Microsoft 365 Lighthouse lets you manage users across customer tenant accounts by selecting any of the links under Users in the left navigation pane. From the Users page, you can search for users and assess and act on the security state of your user accounts. You can also view insights into risky users and the status of multifactor authentication and self-service password reset (SSPR).


These pages provides insights around tenants for which data availability is limited.

Account management page

On the Account management page, you can quickly search across tenants for specific users and perform common user management tasks like updating user account information, resetting passwords, assigning licenses, and managing a user's groups, mailbox, or OneDrive. You can also view inactive accounts and take the appropriate security actions and reclaim unused licenses.

Screenshot of the Account management page.

Risky users page

The Risky users page shows user accounts across your tenants that have been flagged for risky behavior. Select any of the users to view more information on a detected risk or to mitigate a risk by resetting a user's password or blocking sign-in. For more information about risk types and detection, see What is risk?.

The Risky users page also includes the following options:

  • Export: Select to export device compliance data to an Excel comma-separated values (.csv) file.
  • Refresh: Select to retrieve the most current device compliance data.
  • Confirm user(s) compromised: Select to confirm the user was compromised.
  • Dismiss user(s) risk: Select to dismiss the user risk.
  • Reset password: Select to change or reset user password.
  • Block Sign-in: Select to prevent anyone from signing in as this user.

Screenshot of the Risky users page.

Multifactor Authentication page

The Multifactor Authentication page provides detailed information on the status of multifactor authentication (MFA) enablement across your tenants. Select any tenant in the list to see more details for that tenant, including which Conditional Access policies requiring MFA are already configured and which users haven't yet registered for MFA. To learn more about MFA in Lighthouse, see Overview of the Multifactor authentication page.

Screenshot of the Multifactor Authentication page.

Password reset page

The Password reset page shows detailed information on the status of SSPR enablement across your tenants. It also provides insights into users who have SSPR enabled but still need to register before they can reset their password on their own.

Screenshot of the Password reset page.

Overview of the Multifactor authentication page (article)
Block user sign-in (article)
Block sign-in for shared mailbox accounts (article)
Manage inactive users (article)
Manage multifactor authentication (article)
Manage self-service password reset (article)
Reset a user password (article)
Search for users (article)
View and manage risky users (article)