Forum Discussion
Restrict SSPR Setup to Organization Network
Is it possible to restrict SSPR Setup to my organization local network? Our concern is that allowing SSPR to be setup from outside the organization, and then a user’s account is compromised, and ...
When you activate SSPR you will be asked to choose the Authentication Methods (1-4) Conditional Access with Multi-Factor-Authenticator is one of them for your Users, they will be asked for at least a second Factor during the SSPR Process. So nobody can only with the Mail or UPN reset a password for any of your user. Also a Notofication for the Passwort Reset should be enabled, so that the User, which password has been changed will be informed and can contact the IT Department in case he was not the one who did the SSPR.
Beside this, Tools like Azure Security or Azure Sentinel may help you to get aware of such strange behavior and keep track of it.
Kind Regards, Peter