The information provided in this article is applicable only to on-cloud users.
You can conveniently verify if a user has updated their password using the Azure AD Audit Logs or the CoreView Audit Logs. Follow the steps below to access these logs and filter them to find the necessary information.
1. Using Azure AD Audit logs
- Visit the Azure portal and select “Azure Active Directory”
- Click on “Audit logs” and select the date range you need
- Apply a filter to the “Activity” column, searching for keywords like “Reset password” or “Reset user password”
- This will display the following details:
Target: this indicates the user for whom the password has been updated.
Initiated by: this indicates the user who updated the password.
2. Using CoreView
CoreView offers an even simpler method to determine if a user has updated their password. Follow the steps below:
- Go to the CoreView Portal
- Under “Audit”, select “Azure AD > Azure AD activities”
- Apply the “Change user password” filter to the “Operation” column.
- This will display all activities related to password changes.
If you've updated the password using the CoreView portal, you can review the corresponding action by checking the “Audit log” section under “Audit > CoreView”.
By following these simple steps, you can easily verify if a user has updated their password.