Can Users Reset Their Own Passwords Without Sacrificing Security?

Self-service password resets (SSPR) reduce the burden on helpdesks but can pose security risks. To secure SSPR, it is crucial to use phishing-resistant multi-factor authentication (MFA), contextual verification, and risk-based detection. These measures help minimize the risk of attacks while allowing users to reset their passwords autonomously.