arrow
Search icon

Password Resets FAQ's

The session lifetime for password reset is 15 minutes. From the start of the password reset operation, the user has 15 minutes to reset their password. The email and SMS one-time passcode are valid for 5 minutes during the password reset session.

Authenticator app?

Taken from Self-service password reset FAQ - Azure Active Directory | Microsoft Docs

How many times can I reset/change my password in a short period of time?

There are security features built into password reset to protect it from misuse.

Users can try only five password reset attempts within a 24 hour period before they're locked out for 24 hours.

Users can try to validate a phone number or send a SMS, only five times within an hour before they're locked out for 24 hours.

Users can send an email a maximum of 10 times within a 10 minute period before they're locked out for 24 hours.

The counters are reset once a user resets their password.

Taken from here - Self-service password reset FAQ - Azure Active Directory | Microsoft Docs

The data you provide is stored securely in one of the Microsoft Data Centres in Europe.  This data is encrypted both at reset and in transit.  This data is used for the security of your account i.e. SSPR and MFA, and will not be used for any other purposes. 

This data is NOT used or transferred to any other UL system.

New entrants (staff and students) [ML1] will be required to complete the following tasks as part of their initial account setup:

  1. Reset initial password
  2. Register for MFA
  3. Register for SSPR

You will need access to either a mobile phone or landline to use and configure MFA and SSPR.

You can turn on SSPR for your UL computer account by setting up at least one (1) of the following authentication methods (note existing staff will have already configured one of these methods as part of their MFA set up – an alternative email address isn’t supported on MFA):
  • Mobile app – Download the Microsoft Authenticator mobile app to receive a verification code for authentication. The mobile app is available for Android, iOS, and Windows Phone. Note, you may have already downloaded and configured the Mobile app as part of your MFA set up.
  • Phone (Call / SMS) - Enrol a mobile phone number to receive a verification code for authentication. To work properly, phone numbers must be in the format +Country Code Phone Number, for example, +353 871234567. There needs to be a space between the country code and the phone number. Password reset does not support phone extensions. Even in the +353224255512 x 12345 format, extensions are removed before the call is placed. If you prefer to receive text messages, an SMS is sent to the mobile phone number containing a verification code. Enter the verification code provided in the login screen to continue. If you prefer to receive a phone call, an automated voice call is made to the phone number you provide. Answer the call and press # in the phone keypad to authenticate.
  • Email address – Enrol an alternate email address to receive a verification code for authentication, e.g. joebloggs@outlook.com
 
Recommended authentication > for both MFA and SSPR will be the Mobile App > dependent on combined experience