Password reset prompt while using passwordless sign-in

Password reset prompt while using passwordless sign-in

Description

Users are forced to reset their password even when they are using passwordless sign-in.

Reason

When a Password Policy is enabled for a group, the system ensures all members of the group has a valid password that complies with the password policy requirements.

In some cases, the same group may also be associated with a Routing Policy where both Password-based and Passwordless sign-in modes are enabled by the admin. The users may choose to sign-in using passwordless method and skip using their password.

However, password  based sign-in mode is still allowed for the group as per Routing Policy.

As a result, the users will be prompted to reset their password (when admin modifies the Password Policy) even if they are not using password to sign in. This enforcement does not apply if password based sign-in is disabled in Routing Policy.

Solutions

To resolve this issue, choose one of the following options:
  1. The user can update/reset their password to meet the password policy requirements and continue using passwordless sign-in until the next password reset prompt.
  2. The organization admin can disable password based sign-in in Routing Policy. This prevents the unnecessary password reset prompts for users relying solely on passwordless sign-in.