Forum Discussion
Microsoft SSPR restrict access by location
Hello all, The organization I work for has been seeing an uptick in the number of SSPR attempts being made against its users. I have been looking on these forums and on the web but have not seen...
The portal to change your password via self-service is a public portal. So you cannot secure it
JosvanderVaart Yes it is a public portal, however, my ask is to add another check to the existing three checks in the SSPR workflow that are in the link included in the original post:
1. Checks to see if user has SSPR enabled
2. Checks that the user has the right authentication methods defined on their account in accordance with administrator policy.
3. Checks to see if the user's password is managed on-premises.
Another check would be to see if the organization has allowed the use of SSPR in the user's geo-location. Since the above checks are being done already, why not the ability to limit the user's ability of where SSPR can be used?
- I agree that having this feature would be nice, but I fear we will have to wait until it is available as a target in Conditional access. We also had to wait very long to be able to control myapps.microsoft.com - Microsoft is a little inconsistent with their support for conditional Access.
