How to remove requirement for users to provide private email address as authentication method

Stefan Schweiger 21 Reputation points
2022-06-10T15:01:16.83+00:00

Currently our users are prompted upon the first login to provide a phone number and a (non work/school) email address as additonal authentication methods. They can remove the email address later on in the Security Info, but the next time they login they have to provide it again.

Is there a way to specify which authentication methods need to be provided for all users? I my opinion it's a security risk to allow password resets via email accounts not in our control.

I've looked up and down through all the AD portal and the documentation but I can't seem to find anything about this.

210296-screenshot-2022-06-10-at-163912.png

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,095 questions
{count} votes

Accepted answer
  1. Carlos Solís Salazar 15,951 Reputation points
    2022-06-10T15:58:25.91+00:00

    Hi @Stefan Schweiger

    Thank you for asking this question on the **Microsoft Q&A Platform. **

    You can remove your email Authentication methods from your Azure AD Password reset menu
    210299-screenshot-2022-06-10-105621.png

    With this configuration, it should not ask for any email account

    Hope this helps,
    Carlos Solís Salazar

    ----------

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
    NOTE: To answer you as quickly as possible, please mention me in your reply.


    2 people found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Andy David - MVP 139.8K Reputation points MVP
    2022-06-10T15:49:55.247+00:00
    0 comments No comments