Password Reset Configuration

Overview

HYPR enables passwordless access to the workspace by certificate-based authentication, so password resets are not required. However, Admins can still configure the policy to enforce password reset.

Passwordless Configuration

Open Active Directory Users and Computers, locate the user account, and open its properties. This can also be configured for user groups by an Administrator.

🚧

At least one option is required

Please enable at least one option in your AD configuration to prevent users from having to reset passwords while using the HYPR Desktop MFA Client.

Option 1: Enable 'User cannot change password'

Option 2: Enable 'Password never expires'

Option 3: Enable "Smart Card required for interactive login"

Updating Passwords

Alternatively, you can change users' passwords in the Microsoft password credential provider when they expire. This will allow users to continue authenticating with HYPR after the original password expiration date.

🚧

Update password

It's required to change the password to continue using HYPR for authentication.

Users will see the error message if trying to log in with HYPR when the password expired. Follow the steps below to update the password and re-enable HYPR authentication for this computer.

Step 1: Enter the old password

Step 2: Click 'OK' to set a new password

Step 3: Set a new password

Users will be able to authenticate with both HYPR and password after all these steps.