Saturday, September 15, 2018

Azure Self Service Password reset - Authenticator APP

Microsoft has listened to its customer thru user voice and added the most awaited feature to their Azure Password Self Service Solution i.e. Reset the user password using Authenticator APP.

Let's go over some of the settings in our LAB and see what works and what does not.

Logon to https://portal.azure.com and hit Azure Active Directory



Click Passord RESET. --> Authentication methods



Select Mobile app code as the method.

Note: You will not be able to select just mobile app code as the only method for reset, you need to pick one more method to make it work

We have already passed this feedback to Microsoft to make available mobile app code without selecting other method.



If you want to use mobile app notification than it is available only if you select 2 methods for Password RESET.



 

To register your account to Microsoft Authenticator APP on your Android/Iphone you have to go to https://aka.ms/mfasetup (from browser on your computer )

Ones user will launch this page it will send SMS code on the mobile phone provided mobile number is present in user's profile.



Select Authenticator APP and click on configure, it will give you a bar code and code for registering the account in authenticator app.



On Phone --> Launch Authenticator APP and select work or school account.



APP will Scan the BAR code using the Camera and configure itself.





back to your computer click finish to Activate this method.



Now When user launch https://passwordreset.microsoftonline.com/

User will be able to see the Authenticator APP code as well as APP notification as the options.



Only thing according to us is missing which our Security department also likes to implement is the ability to only select Authenticator APP as the option without selecting other methods.

We will wait for that option to be made available before we can implement it organization wide but without that as well it has now all mature options to be approved by your organization Security teams.

You can also vote for this idea by using below link.

https://feedback.azure.com/forums/34192--general-feedback/suggestions/35103220-select-authenticator-in-password-self-service-with

 

Thanks for Reading

Sukhija Vikas

http://SysCloudPro.com

1 comment: