Self-Service Password Reset [CHK-1333]
This check ensures users have the ability to reset their passwords independently.
Rationale
Enabling self-service password reset increases security by reducing the risk of unauthorized access and improves user experience by allowing users to manage their own account recovery.
Fix
An automated fix is available through Attic.
Manual steps:
- Visit the Microsoft Entra admin center at https://aad.portal.azure.com
- Open Protection.
- Choose Password reset.
- Activate "Self service password reset enabled" by selecting "All".
- Click Save.
Impact
Once the fix is applied, users will be prompted to provide a mobile phone number or set up Multi-Factor Authentication (MFA) for use in password reset scenarios.
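One way to verify the result after saving, as an added example that is not part of the original check or of Attic: it reads a response from Microsoft Graph's `/reports/authenticationMethods/userRegistrationDetails` report and lists member accounts still outside SSPR scope and those that have not yet registered a reset method. The sample data, the function name `sspr_rollout_report`, and the choice to evaluate only `member` accounts are assumptions.

```python
import json

# Constructed sample shaped like a Microsoft Graph response from
# GET /reports/authenticationMethods/userRegistrationDetails (not real tenant data).
SAMPLE_RESPONSE = json.loads("""
{"value": [
  {"userPrincipalName": "alice@contoso.example", "userType": "member",
   "isSsprEnabled": true, "isSsprRegistered": true, "isSsprCapable": true},
  {"userPrincipalName": "bob@contoso.example", "userType": "member",
   "isSsprEnabled": true, "isSsprRegistered": false, "isSsprCapable": false},
  {"userPrincipalName": "carol@contoso.example", "userType": "member",
   "isSsprEnabled": false, "isSsprRegistered": false, "isSsprCapable": false},
  {"userPrincipalName": "vendor@partner.example", "userType": "guest",
   "isSsprEnabled": false, "isSsprRegistered": false, "isSsprCapable": false}
]}
""")


def sspr_rollout_report(response):
    """Summarise SSPR state for member accounts (hypothetical helper, added here)."""
    # Assumption: only accounts with userType "member" are evaluated.
    members = [u for u in response.get("value", []) if u.get("userType") == "member"]
    # Scope gap: members the "All" setting has not reached.
    not_enabled = sorted(u["userPrincipalName"] for u in members
                         if not u.get("isSsprEnabled", False))
    # Registration gap: in scope but with no reset method on file yet, so these
    # users will meet the registration prompt described under Impact.
    pending = sorted(u["userPrincipalName"] for u in members
                     if u.get("isSsprEnabled", False)
                     and not u.get("isSsprRegistered", False))
    return {
        "members": len(members),
        "not_enabled": not_enabled,
        "pending_registration": pending,
        "scope_is_all": bool(members) and not not_enabled,
    }


if __name__ == "__main__":
    print(json.dumps(sspr_rollout_report(SAMPLE_RESPONSE), indent=2))
```

A non-empty `not_enabled` list means the "All" selection has not taken effect for those accounts; `pending_registration` is the group to follow up with so that reset actually works when they need it.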
More Information
For further details, refer to the official Microsoft documentation on self-service password reset.