Another common request from organizations regarding credential management is to allow users to reset their own passwords without needing to open a support ticket. Azure Active Directory provides a feature called self-service password reset that can allow users to confirm their identities and reset their passwords.
The Azure AD self-service password reset confirmation is validated based on a combination of the following methods:
- Mobile phone
- Office phone
- Security questions
In addition, if configured, passwords that have been reset in Azure AD can be written back to a local Active Directory, as shown in the following screenshot:
More information on Azure password management and policies is available at https://docs.microsoft.com/en-us/office365/admin/misc/password-policy-recommendations.
Password write-back is recommended to ensure users maintain the same password on-premises that they do in Azure AD.
Next, we will explore security and compliance concepts for documents within an organization.