cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Is it possible to limit where users can reset their passwords in Microsoft 365?

John Gruber
Brass Contributor

‎Feb 07 2023 11:38 AM

‎Feb 07 2023 11:38 AM

Is it possible to limit where users can reset their passwords in Microsoft 365?

Hello,

 

I'm discussing enabling Self-service password reset with a customer and they are concerned that someone could reset the password from anywhere. Is it possible to create a conditional access policy that limits the IP addresses that a user can perform a SSPR from?

 

I know you can limit where the user signs up for SSPR/MFA but I'm wondering how to create a conditional access policy (or something else) that restricts user's to an IP address to perform the SSPR.

 

Thanks,

John

Labels:
919 Views
0 Likes
1 Reply
Reply
1 Reply
ChristianJBergstrom

‎Feb 08 2023 05:28 AM

‎Feb 08 2023 05:28 AM

Re: Is it possible to limit where users can reset their passwords in Microsoft 365?

Wouldn't it be better increasing the number of authentication methods required for SSPR to improve security? As I am assuming the customer already have the most common conditional access policies activated anyway? (referring to your previous post about top conditional access policies ;)
0 Likes
Reply