Blog Post

ITOps Talk Blog
8 MIN READ

Step-By-Step: Implementing Azure AD Password Protection On-Premises

Daniele De Angelis's avatar
Daniele De Angelis
Icon for Microsoft rankMicrosoft
May 23, 2019
I travel a lot in Italy, and many times I see multiple customers that are asking for the same requests. One request is the possibility to block some specific passwords in Active Directory. Unfortunat...
Updated Jun 07, 2019
Version 10.0
azure
Daniele De Angelis
Windows Server
tobyraistrickinseego's avatar
tobyraistrickinseego
Copper Contributor
Jul 28, 2021

Hi Daniele De Angelis,

Thanks for this great blog and the guided instructions.

 

I noticed at many points in this you mentioned the "Microsoft Global Banned Password List", but after reading more on https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad, I'm interested to learn if you know whether or not this List uses, contains, or is integrated with the (probably) much larger Have I Been Pwned Password list managed by Troy Hunt, that can be queried and tested https://haveibeenpwned.com/Passwords.

 

I'm comparing this Azure AD Password Protection tool against https://safepass.me and apparnetly we can run both at the same time, but the main difference is that safepass(dot)me uses the HIBP Pwned Passwords Database.

Thanks!