Ensure That 'Notify all admins when other admins reset their password?' is set to 'Yes'
Why This Matters
Administrator accounts are prime targets for attackers. An admin password reset can indicate a compromised account or malicious activity, and without notification it may go unnoticed. Enabling this notification ensures all global administrators are aware of password reset events, allowing them to verify the legitimacy of the action and investigate any suspicious changes promptly.
What Aether365 Checks
This check verifies that the "Notify all admins when other admins reset their password" setting in Microsoft Entra ID is configured to "Yes". You can view the status and details of this check in your Aether365 dashboard under the entra-id checks section.
Microsoft references
- Active directory passwords how it works
- Howto sspr deployment
- Security controls v2 governance strategy
- [Security controls v2 privileged access](https://docs.microsoft.com/en-us/azure/security/benchmarks/security-controls-v2-privileged-access#pa-2-restrict-administrative-access-to-business-criticalsystems)