Scenario 1: E-mail
In this scenario, users can reset their Active Directory password using their private e-mail address. In this scenario, a new password will be generated automatically.
Sign up for password resets
Before users can reset their password, they need to sign up for password resets by registering a private e-mail address. If the privacy policies of your organization prohibit this, use Scenario 2: Security questions, which enables password resets using security questions.
- The user requests the service that signs up for password resets.
- The user provides a private e-mail address.
- The user receives a confirmation e-mail at this address.
- After confirmation, the e-mail address is registered for password resets.
Perform password resets
After registration, users can reset their password.
- The user clicks the Password Reset link.
- The user identifies himself.
- The user receives a confirmation e-mail at a private e-mail address.
- A service automatically generates a new password.
- The user receives this password at the private e-mail address, after which they can sign in again.