Want to reduce support tickets? We recently heard from a couple of customers that they weren’t aware you can have your end users reset their own enrolled device passwords through the Intune Company Portal Website at https://portal.manage.microsoft.com/ or through the Company Portal app. In this post, we walk through a few more details.
The Intune Company Portal Website allows an end user, after authenticating, to:
- Remotely lock their devices
- Rename their device
- Remove their device
- Reset their device password
- Reset and erase their device
End users can take these actions on personally-owned MDM-enrolled devices. When an end-user logs in with their corporate credentials (if needed) at https://portal.manage.microsoft.com/ they will see these options as shown in the screenshot below, including the reset device passcode option.
This is a useful feature if your end user forgets their enrolled device password, or if they lose a device and want to reset it. A few additional notes:
- You can’t use this approach to reset a password if you use MFA requiring the Microsoft Authenticator app on the device that’s locked.
- For iOS if you use DEP or have a supervised device, then just an IT Admin or helpdesk with the proper authorization can reset passwords for these specific types of devices that are enrolled.
- Each platform (iOS, Android, Windows) has different terms of use and legal language that you can customize to a certain extent based on the platform, which is helpful particularly for reset/etc. You can read more about that here: https://docs.microsoft.com/intune/terms-and-conditions-create.
Be sure to share this with your helpdesk! There’s documentation on this feature here: https://docs.microsoft.com/intune-user-help/using-the-intune-company-portal-website
Updates
12/3/18 - Updated with the right service name for Microsoft Authenticator (we'd called it Azure Authentication app).
Microsoft
