check before: 2026-06-30
Product:
Defender, Defender XDR
Platform:
Online, Web, World tenant
Status:
Change type:
New feature, Admin impact
Links:
Details:
Summary:
Microsoft Defender XDR adds "Disable account" and "Reset password" buttons to the Password protection page for Active Directory human user accounts. Available by default from late May 2026, these actions enable direct remediation of risky accounts without configuration changes. No action is required from administrators.
Details:
[What and Why]
Microsoft Defender XDR is adding two new account action buttons, Disable account and Reset password, to the Password protection experience. This update allows administrators to take direct remediation actions on accounts identified as risky from the Password protection page.
[Rollout Schedule]
Public Preview: Late May 2026 through mid-June 2026
General Availability (Worldwide): Late Jun 2026 through late June 2026
[Impact on Your Organization]
Who is affected
Administrators using Microsoft Defender XDR
Applies to Active Directory human user accounts
Platforms/Services
Microsoft Defender XDR (web portal)
Password protection experience
What will happen
The Password protection page will include two new action buttons:
Disable account
Reset password
These actions can be performed directly from the Password protection page:
These actions apply only to Active Directory human user accounts.
These actions are not available for the krbtgt (Kerberos Ticket Granting Ticket) accounts.
The feature is enabled by default.
No configuration changes are required.
[Action Required/Recommendations]
No action is required.
Inform security administrators about the new actions available in the Password protection page.
Review internal processes for responding to risky accounts.
Update internal documentation if applicable.
Learn more: Investigate identity password protection (Preview) | Microsoft Learn
[Compliance considerations]
No compliance considerations identified. Review as appropriate for your organization.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2026-05-28
updated:
2026-05-28
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Introduction of new account action buttons
The addition of 'Disable account' and 'Reset password' buttons may lead to accidental misuse by administrators, resulting in unintended account lockouts or password resets, impacting user access and productivity.
- roles: Security Administrators, IT Support Staff
- references: https://learn.microsoft.com/defender-for-identity/password-protection
Direct remediation of risky accounts
The ability to directly remediate risky accounts without prior configuration may lead to rushed decisions by administrators, potentially causing disruptions in user access and workflow if not properly assessed.
- roles: Security Administrators, End Users
- references: https://learn.microsoft.com/defender-for-identity/password-protection
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 weeks ago ago
