𝗛𝗼𝘄 𝘁𝗼 𝗱𝗶𝘀𝗮𝗯𝗹𝗲 𝗦𝗲𝗹𝗳-𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗣𝗮𝘀𝘀𝘄𝗼𝗿𝗱 𝗥𝗲𝘀𝗲𝘁 𝗳𝗼𝗿 𝗮𝗱𝗺𝗶𝗻𝗶𝘀𝘁𝗿𝗮𝘁𝗼𝗿𝘀 𝗶𝗻 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗘𝗻𝘁𝗿𝗮 𝗜𝗗

Self-service password reset can be a useful feature that allows users to access their account in case they forget their password.

On the other hand, it is potentially risky, as a potential attacker may target the self-service password reset feature to gain access to the account. Especially for privileged accounts, this is very risky and therefore I would generally recommend disabling self-service password resets for privileged accounts.

📺 Watch my YouTube video bellow 👇 👇
https://youtu.be/KIlRPx_9XRA

#cswrld #videotutorial #sspr #passwordreset #entraid #administrators

@merill tbh I'd be fairly upset with my Identity team if they built a redirect in CloudFlare. Maybe if using an orgs infra like a Big-IP tcl.

While I do like branding (it didn't work for the domains I tried) phishing kits displaying an orgs logo is now routine and even automated -- thanks CloudFlare workers/TDS.

I believe focusing on branding gives a false a sense of safety when the true threat is social engineering. I'd argue a TA could even use this URL formatting to their advantage when selling their story.

SSPR is already a massive security risk most orgs should seek to restrict factors to, monitor related web, DNS and email traffic, then ultimately disable.

#sspr

🆕 LDAP Tool Box Self Service Password 1.7.3 released!

ℹ️ LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password (mail, SMS, questions) if they lost it. It works with any LDAP directory, including Active Directory.

🔗 News on OW2 : https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-7-3-released/

🔗 Release on GitHub : https://github.com/ltb-project/self-service-password/releases/tag/v1.7.3

🔗 Download : https://ltb-project.org/download.html

#LDAP #SSP #SSPR #OpenLDAP #ActiveDirectory #OpenSource #FreeSoftware #IAM

The whole login loop issue in #entraid when migrating authentication policies sends me spare 😂

I thought it was down to #sspr not supporting #fido, but thought it was fixed.

Com a Autenticação Unificada, usuários e administradores de solução Microsoft Cloud terão uma experiência mais simplificada e eficiente, unificando a gestão dos métodos de autenticação em um único painel no Microsoft Entra ID como no SSPR (Self-Service Password Reset) e no MFA (Autenticação Multifatorial). #MicrosoftCloud #EntraID #MicrosoftEntraID #SSPR #MFA #Microsoft365 https://www.linkedin.com/pulse/microsoft-unifica-configura%25C3%25A7%25C3%25A3o-de-mfa-e-sspr-entra-id-cassemiro-ga9wf

🎇 Self Service Password 1.7.2 released!

ℹ️ LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password (mail, SMS, questions) if they lost it. It works with any LDAP directory, including Active Directory.

📃 This verson provides some fixes on captcha, SMS reset and docker image.

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-7-2-released/

#LDAP #LTB #LDAPToolBox #SSP #SSPR @ow2 #PHP #OpenSource #FreeSoftware #LogicielLibre

Did you know that self-service password reset (#SSPR) is enabled by default for privileged users and does not respect the SSPR settings in Microsoft Entra portal?

Self-service password reset can be a useful feature that allows users to access their account in case they forget their password, or the account is locked.

On the other hand, it is potentially risky, as a potential attacker may target the self-service password reset feature to gain access to the account. Especially for privileged accounts, this is very risky and therefore I would generally recommend disabling self-service password reset for privileged accounts.

https://www.cswrld.com/2024/11/how-to-disable-self-service-password-reset-for-administrators/

👍 Première édition réussie du Worteks Identity Club !

Le 21 octobre dernier, nous avons eu le plaisir d'accueillir une vingtaine de personnes de 14 organisations différentes :

https://www.worteks.com/opensource/conferences/2024-10-21-worteks-identity-club-1/

🙏 Merci à tous les participants pour leur présence et leur contribution !

#OpenSource #LogicielLibre #LDAP #LTB #LDAPToolBox #SelfServicePassword #SSP #SSPR #OpenLDAP #ActiveDirectory
@ow2 @osxp_paris @lemonldapng @ltb_project @lsc_project

🎇 Self Service Password 1.7.1 released!

ℹ️ LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password (mail, SMS, questions) if they lost it. It works with any LDAP directory, including Active Directory.

📃 This patch version fixes a bug in REST services.

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-7-1-released/

#LDAP #LTB #LDAPToolBox #SSP #SSPR @ow2 #PHP #OpenSource #FreeSoftware #LogicielLibre

🎇 Self Service Password 1.7 released!

ℹ️ LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password (mail, SMS, questions) if they lost it. It works with any LDAP directory, including Active Directory.

📃 This new version includes a new Captcha system and the use of Symfony cache modules.

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-7-0-released/

#LDAP #LTB #LDAPToolBox #SSP #SSPR @ow2 #PHP #OpenSource #FreeSoftware #LogicielLibre

🎇 Self Service Password 1.6.1 released!

ℹ️ LDAP Tool Box Self Service Password is a web application for end users. It allows them to change or reset their password (mail, SMS, questions) if they lost it. It works with any LDAP directory, including Active Directory.

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-6-1-released/

#LDAP #LTB #LDAPToolBox #SSP #SSPR @ow2 #PHP #OpenSource #FreeSoftware #LogicielLibre

🔒 C'est la Journée Mondiale du Mot de Passe ! 🔑

Le rappel idéal pour penser à mettre à jour ses mots de passe trop vieux et plus assez sécurisés.

Et quel meilleur moment que celui-ci pour vous annoncer la sortie de la nouvelle version de Self Service Password : https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-6-0-released/ !

#LDAP #LTB #LDAPToolBox #SelfServicePassword #SSP #SSPR #OpenLDAP #ActiveDirectory #WorldPasswordDay #JourneeMondialeDuMotDePasse #OpenSource #LogicielLibre @ow2

🎉 LDAP Tool Box Self Service Password 1.6 released!

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-6-0-released/

📃 A lot of new features like entropy bar, dynamic checks and mail/phone attributes modification

#php :php: #ldap #openldap #ActiveDirectory #IAM #password #security #opensource #logiciellibre #SSP #SSPR @ow2 @worteks_com

🎉 LTB Self Service Password 1.5.4 released!

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-5-4-released/

#LDAP #LDAPToolBox #SelfServicePassword #SelfServicePasswordReset #SSP #SSPR #PHP #OpenSource #FreeSoftware #LogicielLibre @worteks_com @ow2

🎉 Sortie de LTB Self Service Password 1.5.3 !

➡️ https://projects.ow2.org/view/ldaptoolbox/ltb-self-service-password-1-5-3-released/

#LDAP #LDAPToolBox #SelfServicePassword #SelfServicePasswordReset #SSP #SSPR #PHP #OpenSource #FreeSoftware #LogicielLibre @worteks_com

What's new in Azure Active Directory?

▫️Web Sign-in on Windows for password-less recovery with Temporary Access Pass
▫️Workload identity Federation for Managed Identities
▫️Dynamic Group Pause Functionality
▫️Enabling extended customization capabilities for sign-in and sign-up pages in Company Branding capabilities.
▫️Enabling customization capabilities for the Self-Service Password Reset
▫️Soft Delete for Administrative Units
▫️IPv6 coming to Azure AD

#AzureAD #IPv6 #TAP #SSPR

https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/whats-new?WT.mc_id=AZ-MVP-5004810#november-2022