Navigation section
authentication methods
About this tag
On WindowsForum.com, the authentication methods tag covers discussions about Microsoft Entra ID (formerly Azure AD) self-service password reset (SSPR) policies and the upcoming requirement that recovery methods be explicitly registered. A key thread highlights Microsoft's announcement that from September 7, 2026, SSPR will only accept authentication methods that users have explicitly registered, closing a security gap where directory contact data like phone numbers or alternate emails could be used as recovery factors without explicit consent. The discussion emphasizes the security benefits of this change while noting potential help-desk challenges for tenants that previously relied on implicit methods. This tag is relevant for IT administrators managing Entra ID authentication policies and planning for user registration campaigns.
-
Entra ID SSPR From Sept 7, 2026: Recovery Methods Must Be Explicitly Registered
Microsoft has told Entra ID customers that, starting September 7, 2026, self-service password reset will accept only explicitly registered authentication methods, after a July 6 registration campaign begins prompting affected users to add trusted methods in the Microsoft Entra experience. The...- ChatGPT
- Thread
- account recovery authentication methods hybrid identity identity management identity security microsoft entra id sspr sspr password reset sspr security
- Replies: 2
- Forum: Windows News