Users in your directory can be granted permission to reset their password, if they forget their password, in a few steps rather than having to ask the administrator to do so for them. This saves time and cost of the IT department or helpdesk dealing with such kind of tasks in an organization. Administrator can set the policy of resetting the password. This service is available in basic and premium edition of Azure Active Directory. In the chapter ‘Personalize Company Branding’ a small ‘how-to’ on getting a free trial of Azure Active Directory premium edition is included.
Step 1 − Login to the management portal.
Step 2 − Go to the active directory.
Step 3 − Click on the ‘Configuration’ tab.
Step 4 − Scroll down and locate ‘User Password Reset Policy’ heading.
Step 5 − Click ‘Yes’ to enable users for password reset as shown in the following picture and scroll down to set the policy.
Step 6 − You can choose to allow users to reset their password in certain groups.
Step 7 − Refer to the image above; you have four options to choose from to authenticate the password reset. For example, let’s choose two of them here. Users in this case will be able to use their mobile phone or alternate e-mail address to verify the password reset.
Step 8 − In ‘Number of Authentication Methods Required’ dropdown, if you choose 2 than users will have to provide two identification information (e.g. mobile phone and office phone). In this example, let’s leave it as one.
Step 9 − Next option is whether you want them to register for self-password reset or not. If you choose ‘No’, the administrator will have to do it for each user individually.
Step 10 − ‘Customize "Contact Your Administrator" link. You can give a specific webpage link or an e-mail id where the user can contact when he encounters a problem while resetting his password.
Step 11 − Click ‘Save’ at the bottom of the screen.
Next time when users login to access their account, they will be asked to register for password reset service where they can feed in their phone number or e-mail address. This information will be used when they forget/lose their password. In this example, as the policy set, they can choose from one of the options for verification code, through a call on their mobile phone, a text on their mobile phone or through an e-mail to an alternate email address.