Manage self-service password reset

There are three ways to enable self-service password reset for your users:

• Organization-wide password policy
• Group password policy (this feature must be enabled for your org)
• Delegated authentication (this feature is recommended for Active Directory sourced users)

Email is the default recovery method for password policies and delegated authentication. You can add SMS and voice call as well, but you must ensure that your users configure them as authentication factors. See Multifactor Authentication.

Topics

• Group password policies
• Create a self-service password reset policy for your org
• Add self-service password reset to an existing password policy
• Configure voice call for self-service password resets
• Configure SMS for self-service password resets
• Enable Active Directory delegated authentication
• Self-service password reset scenarios