EntilZha
Jul 02, 2019

Restrict SSPR Setup to Organization Network

Is it possible to restrict SSPR setup to my organization's local network?

Our concern is that if SSPR is allowed to be set up from outside the organization and a user's account is then compromised, the hacker sets up SSPR on the compromised account. Each time a user has their PW reset from the Service Desk, the hacker will just change the PW on the compromised account using SSPR.

Thanks,

-Larry

1 Reply

  • EntilZha 

     

    When you activate SSPR, you will be asked to choose the authentication methods (1-4). Conditional Access with Multi-Factor-Authenticator is one of them for your users; they will be asked for at least a second factor during the SSPR process. So nobody can reset a password for any of your users with only the mail address or UPN. A notification for the password reset should also be enabled, so that the user whose password has been changed will be informed and can contact the IT department in case he was not the one who did the SSPR.

     

    Besides this, tools like Azure Security or Azure Sentinel may help you become aware of such strange behavior and keep track of it.

     

    Kind Regards, Peter
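
The two patterns raised in this thread (SSPR registration from outside the organization network, and an SSPR reset shortly after a Service Desk reset) can be checked for in exported audit events. This is an added example, not part of the original posts: the event tuples, action names, network ranges and 24-hour window are constructed assumptions, not the Azure AD audit log schema.

```python
import ipaddress
from datetime import datetime, timedelta

# Assumed corporate egress ranges (placeholder values, replace with your own).
CORP_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "203.0.113.0/24")]
WINDOW = timedelta(hours=24)  # assumed look-back after a Service Desk reset

# Constructed sample events: (time, user, action, source_ip), hypothetical shape.
EVENTS = [
    ("2019-07-01T08:00:00", "alice@example.com", "sspr_register", "10.1.2.3"),
    ("2019-07-01T09:00:00", "bob@example.com", "sspr_register", "198.51.100.7"),
    ("2019-07-01T12:00:00", "bob@example.com", "helpdesk_reset", "10.0.0.5"),
    ("2019-07-01T12:30:00", "bob@example.com", "sspr_reset", "198.51.100.7"),
    ("2019-07-02T10:00:00", "alice@example.com", "sspr_reset", "10.1.2.3"),
    ("2019-07-02T11:00:00", "carol@example.com", "sspr_register", "unknown"),
]

def is_internal(ip):
    """True only if ip parses and falls inside a corporate range."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # an unparseable source address is treated as external
    return any(addr in net for net in CORP_NETS)

def find_alerts(events):
    """Return (time, user, rule) tuples for the two patterns in the thread."""
    alerts, last_helpdesk = [], {}
    for ts, user, action, ip in sorted(events, key=lambda e: e[0]):
        when = datetime.fromisoformat(ts)
        if action == "sspr_register" and not is_internal(ip):
            alerts.append((ts, user, "sspr_registered_from_external_ip"))
        elif action == "helpdesk_reset":
            last_helpdesk[user] = when
        elif action == "sspr_reset":
            prev = last_helpdesk.get(user)
            if prev is not None and when - prev <= WINDOW:
                alerts.append((ts, user, "sspr_reset_after_helpdesk_reset"))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(EVENTS):
        print(*alert)
```
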
