Phishing attacks on users are rising. There are countless possibilities for phishing attacks. One of them attempts to gain unauthorized access to the data via the app registration. If the attack is successful, no password change will lock the attacker out again. Auch die Multi-Faktor-Authentifizierung bietet keinen Schutz, da die App des Angreifers bereits zum Zugriff auf die Daten berechtigt ist. It’s time to restrict app registration and thus increase security against phishing.
Month: February 2022
Microsoft Entra self-service password reset (SSPR) allows users to change or reset the password on their own. It does not require support from the helpdesk.
To allow the user to change or reset the password, the following authentication methods are available for Microsoft Entra self-service password reset (SSPR):