-
Email vs SMS for SSPR
updated 3 weeks, 2 days ago
2 Members
·
3
Posts
-
In this question
“Category: SC-300 – Implement Authentication and Access Management
You manage a Microsoft Entra ID tenant and have enabled Self-Service Password Reset (SSPR) for your users.
<ul data-indent-level=”1″>
Users are required to register for SSPR the first time they sign in.
Only one authentication method is needed to reset a password.
To improve security, you also consider using Microsoft Entra Conditional Access to control access to corporate resources based on device or location. You want to ensure that users can reliably reset their passwords if they forget them without compromising organizational security.
Which method can a user use to verify their identity and reset their password?”
The provided answer is email. Why is the answer not SMS? They’re both valid methods for SSPR.
-
Hi avrohomdu,
Thank you for raising this. You made a great point! You are absolutely correct that both external email and SMS are valid SSPR authentication methods in Microsoft Entra ID, and we appreciate you taking the time to flag the ambiguity.
After reviewing the question, we completely agreed that having SMS as an option created two equally valid answers, which made the question unclear and unfair. We have since updated the question to replace the SMS option with Windows Hello for Business, which is not a supported SSPR authentication method. This makes external email the only clearly correct answer among the choices.
The updated question will be reflected in the portal soon. We truly appreciate your feedback; it helps us maintain the quality and accuracy of our content!
Best regards,
Irene @ Tutorials Dojo
-
<div>Great, thank you!</div>
Log in to reply.