Manage self-service password reset

There are three ways to enable self-service password reset for your users:

  • Organization-wide password policy
  • Group password policy (this feature must be enabled for your org)
  • Delegated authentication (this feature is recommended for Active Directory sourced users)

Email is the default recovery method for password policies and delegated authentication. You can add SMS and voice call as well, but you must ensure that your users configure them as authentication factors. See Multifactor Authentication.