Ensure that 'Number of days before users are asked to reconfirm their authentication information' is not set to '0'

Why This Matters

If the number of days before users are asked to reconfirm their authentication information is set to 0, reconfirmation never occurs. This means that registered users will never be prompted to verify their existing authentication information. If a user changes their phone number or email, the password reset data for that user reverts to the old registered information, creating a security gap and potential lockout risks.

What Aether365 Checks

This check verifies that the "Number of days before users are asked to reconfirm their authentication information" is not configured to 0 in Microsoft Entra ID password reset settings. The check appears in the Aether365 dashboard under identity and access management checks.
