Upcoming Webinar
Understand How Your Peer Approach AD Forest Recovery
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Entra ID Protection Updates Password Change Remediations

Key Takeaways:

Microsoft’s Entra ID Protection update introduces automated user risk remediation in hybrid environments, streamlining security by automatically addressing risks when passwords are changed on-premises.

IT administrators can confidently deploy user risk policies, ensuring secure operations for hybrid employees.

Entra ID Protection seamlessly integrates machine learning to detect and counter identity-based risks.

Microsoft has released a new update for its Entra ID Protection service. The security feature is designed to let IT admins automatically remediate user risk when on-premises password changes happen in hybrid environments.

Microsoft Entra ID Protection (formerly called Azure AD Identity Protection) is a security tool that allows customers to detect, investigate, and mitigate identity-based risks. The service uses machine learning to detect malicious activities such as anonymous IP address usage, leaked credentials, and password spray attacks. It’s also possible to integrate Entra ID Protection with other security solutions.

“While we recommend mastering password changes in Entra ID to take advantage of Password Protection, hybrid customers who do password changes on-premises found it challenging to enable user risk policies. Users would get blocked when becoming risky and could not self-remediate by resetting passwords on-premises because the password change wasn’t visible to Entra ID, and so couldn’t dismiss the risk,” said Alex Weinert, VP and Director of Identity Security at Microsoft.

Microsoft highlighted that the new feature allows hybrid users to mitigate risks when a password is changed in on-premises environments. Moreover, IT Pros can confidently deploy user risk policies that require password changes to protect hybrid employees. This approach should help organizations to boost their security posture and streamline security management.

Microsoft Entra ID Protection Improves Password Change Remediations

How to enable self-remediation in Entra ID Identity Protection

To get started, IT admins will need to head over to the Microsoft Entra Admin Center portal. Then, turn on the “Allow on-premises password change to reset user risk” setting.

However, keep in mind that this setting is only available for organizations that have already enabled “Password Hash Synchronization” in their tenants. If you’re interested, you can find more details about the Entra ID Identity Protection remediation capabilities on this support page.

by Rabia Noureen
Oct 2, 2023

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

How to Use Microsoft 365 Dynamic Groups to Streamline Access Management

Jul 5, 2023
Jul 13, 2023
How to Properly Secure and Govern Microsoft Entra ID Apps

Oct 19, 2023
Apr 17, 2024
Microsoft Entra ID App Registration and Enterprise App Security Explained

Oct 19, 2023
Apr 17, 2024

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.