Microsoft Entra External ID Adds SMS Password Reset to Simplify Account Recovery
The new SMS-based reset option enhances security, simplifies recovery, and reduces password-related support issues for external users.
Key Takeaways:
- Microsoft Entra External ID now supports SMS-based self-service password resets.
- The feature boosts security with multi-factor verification and real-time fraud protection.
- IT admins gain a more efficient, user-friendly way to manage external identity recovery.
Microsoft is making account recovery simpler and more secure with the public preview of SMS-based self-service password reset (SSPR) in Entra External ID. This new feature allows users to reset their passwords through SMS verification.
Microsoft Entra External ID is a cloud-based identity solution that enables organizations to securely manage and authenticate external users (such as customers, partners, or contractors) across apps and services. It provides flexible sign-in options, including social identity providers and custom policies, while ensuring strong security and compliance. It helps businesses build trusted digital relationships without compromising control over access and data.
How does SMS-based password reset work?
Previously, Microsoft Entra External ID only supported one-time passcodes via email. Now, end users can verify their identity using SMS during the self-service password reset (SSPR) process. This feature adds an additional layer of protection by requiring users with two or more registered methods to verify their identity with at least two methods.
Additionally, fraud protection is strengthened through integration with the Phone Reputation platform, which analyzes telephony activity in real time to detect suspicious behavior. Microsoft mentioned that each password reset request is evaluated and assigned an Allow, Block, or Challenge decision. This capability helps to protect customers against telephony-based fraud.
SMS-based password reset is offered as a paid add-on feature with pricing that varies by region and includes built-in fraud protection services. Users can find detailed information on costs in the SMS pricing tiers by country or region.
Why does this feature matter for IT administrators?
Microsoft is currently rolling out this feature in public preview to Entra External ID customers. It’s expected to be generally available for all commercial customers by the end of this month.
This new SMS-based password reset feature can be a valuable tool for IT administrators. It offers a more flexible and user-friendly recovery option while strengthening security through multi-factor verification and fraud protection. This feature helps reduce support tickets related to password issues and enhances the overall reliability of identity management for external users.
Rabia has a master's degree in Software Engineering and she has years of experience writing professionally about Microsoft products and other technologies. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on t...
