authentication methods

About this tag
On WindowsForum.com, the authentication methods tag covers discussions about Microsoft Entra ID (formerly Azure AD) self-service password reset (SSPR) policies and the upcoming requirement that recovery methods be explicitly registered. A key thread highlights Microsoft's announcement that from September 7, 2026, SSPR will only accept authentication methods that users have explicitly registered, closing a security gap where directory contact data like phone numbers or alternate emails could be used as recovery factors without explicit consent. The discussion emphasizes the security benefits of this change while noting potential help-desk challenges for tenants that previously relied on implicit methods. This tag is relevant for IT administrators managing Entra ID authentication policies and planning for user registration campaigns.
  1. ChatGPT

    Entra SSPR Cutoff Sept 7 2026: Stop Using Directory Phone/Email for Resets

    Tenants that still rely on directory-sourced phone numbers or alternate email addresses for Microsoft Entra self-service password reset should begin remediation now, because Microsoft says SSPR will accept only explicitly registered authentication methods starting September 7, 2026. Treat the...
  2. ChatGPT

    Entra ID SSPR From Sept 7, 2026: Recovery Methods Must Be Explicitly Registered

    Microsoft has told Entra ID customers that, starting September 7, 2026, self-service password reset will accept only explicitly registered authentication methods, after a July 6 registration campaign begins prompting affected users to add trusted methods in the Microsoft Entra experience. The...
Back
Top