Forum Discussion

Lloyd Adams's avatar
Lloyd Adams
Iron Contributor
Nov 12, 2018

Password change nagging

When working in a browser, O365 is sending a notification that the user's password is about to expire and needs to be changed. This is great, but if they dismiss the reminder, and don't change passwo...
office 365
Adam Ochs's avatar
Adam Ochs
Steel Contributor
Nov 12, 2018

Hello Lloyd Adams,

 

There is, you can manage your password policy for your organization.

 

https://docs.microsoft.com/en-us/office365/admin/manage/set-password-expiration-policy?view=o365-worldwide

 

It is probably easiest to just edit this through the admin center:

 

As a Global Admin:

Settings -> Security and Privacy

There will be a password policy there. You can change how long a password is good for, as well as how much in advance you notify users.

 

So you could make the password stay good for 180 days instead of 90 for instance. Or notify them 5 days in advance instead of 14 (or both).

 

Just keep in mind the longer you allow passwords to be valid, the greater the security risk of a compromise. Its always a balancing act that each admin has to walk to decide what is right for their organization.

 

Goodluck!

Adam

Lloyd Adams's avatar
Lloyd Adams
Iron Contributor
Nov 12, 2018

Sorry Adam Ochs but I think you miss the point.

 

We have password life, notification time etc. set as we want. 

 

The problem is that if you dismiss the reminder, it pops right back up again the next time you do something in O365.   If you spend a lot of time in O365 web apps, you cannot get rid of this pop up. You should at least be able to dismiss it for a day.