AZ-104 Azure Identity - Configuring SSPR (self serfice password reset)

Self Serfice Password Reset (SSPR)

SSPR Process
Authentication Methods
SSPR Considerations

Authentication methods

Mobile app: Authentication via app notification. AN example is the Microsoft authentication application
Mobile app code: Authentication via time-based codes, An example is the Microsoft authentication application
Email: Authentication via an external to Microsoft using codes sent to that email address
Mobile Phone: Authentication via a mobile number using a phone call or SMS provides a code. (less recommended method)
Office Phone: Authentication via a non-mobile phone using a phone cal that prompts the user to press #
Security Questions: Authentication via answering a set of security questions (Least recommended method).

SSPR Considerations

Enable and manage SSPR via Azure AD Groups.

Required methods: One or more of the available authentication methods is required for SSPR
SSPR for Admins: Security questions not available by admins. By Default, admins must register for MFA methods
Required Licenses: Azure AD P1 or P2, Microsoft apps for business, or Microsoft licensing is required for SPPR.

Navigate to Entra ID then password reset

These settings only apply to end users in your organizations ,admins are always enabled for SSPR and are required to use two authentication methods to reset their passwords

None: no user can perform SSPR (except admins).
Select: Here we can use groups to Enable SSPR.
ALL - this will enable all users in the tenant with SSPR.

For this exercise we select all users and select which type of authentication method

Azure Entra ID Mindmap

Azure Youtube Videos

AZ-104 - Administration - Azure Resource Manager

AZ-104 - Administration - Azure Portal and Cloud Shell Basics

AZ-104 - Administration - Azure CLI and Powershell

AZ-104 - Administration - Azure ARM Templates

AZ-104 - Governance and Compliance - Managing Subscriptions

AZ-104 - Governance and Compliance - Using management groups

AZ-104 - Governance and Compliance - Understanding Azure Policy

AZ-104 - Governance and Compliance - Tagging Resources

AZ-104 - Governance and Compliance - LAB Add Remove Tags

AZ-104 - Governance and Compliance - Locking and Moving Resources

AZ-104 - Governance and Compliance - Managing Azure Costs

AZ-104 - Governance and Compliance - Building a cloud governance strategy wth Azure tooling

AZ-104 Azure Identity - Conceptualizing Entra ID (Azure Active Directory)

AZ-104 Azure Identity - Managing Tenants

AZ-104 Azure Identity - Creating and Managing Users

AZ-104 Azure Identity - LAB Create and Manage Microsoft Entra ID Users in the Portal

AZ-104 Azure Identity - LAB Perform Bulk Microsof Entra ID Operations in the Portal

AZ-104 Azure Identity - Creating and Managing Groups

AZ-104 Azure Identity - Creating Administrative Units

AZ-104 Azure Identity - Configuring SSPR (self serfice password reset)

AZ-104 Azure Identity - Azure Entra ID Device Management

AZ-104 Azure RBAC - Understanding Roles in Azure

AZ-104 Azure RBAC - Assigning access to resources

AZ-104 Azure RBAC - LAB Using service Principal Identity to List AD Roles

AZ-104 Azure RBAC - Creating custom roles

AZ-104 Azure - Storage Accounts

AZ-104 Azure - Conceptualizing Azure Blog Storage

AZ-104 Azure - Configuring blob object replication

AZ-104 Azure - Configuring Blob Lifecycle Management

AZ-104 Azure Identity - Configuring SSPR (self serfice password reset)

Authentication methods

SSPR Considerations

No Comments