Forum Discussion
John Gruber
Feb 07, 2023Brass Contributor
Is it possible to limit where users can reset their passwords in Microsoft 365?
Hello,
I'm discussing enabling Self-service password reset with a customer and they are concerned that someone could reset the password from anywhere. Is it possible to create a conditional access policy that limits the IP addresses that a user can perform a SSPR from?
I know you can limit where the user signs up for SSPR/MFA but I'm wondering how to create a conditional access policy (or something else) that restricts user's to an IP address to perform the SSPR.
Thanks,
John
- Wouldn't it be better increasing the number of authentication methods required for SSPR to improve security? As I am assuming the customer already have the most common conditional access policies activated anyway? (referring to your previous post about top conditional access policies 😉