Forum Discussion

Ronald van Ackooij's avatar
Ronald van Ackooij
Brass Contributor
Feb 15, 2017
Solved

Password policy changes for Cloud IDs

Hi Everyone,   I'm working on a Office 365 project at a customer that has very high standards on security. Now they are asking me if they can change the password policy for Cloud IDs? I know we can...
office 365
security
  • Jamie Brandwood's avatar
    Jamie Brandwood
    Feb 15, 2017

    Hi Ronald,

     

    Unfortunatly not, as you rightly stated you can modiy the password expiration and expiration notification etc. (https://support.office.com/en-us/article/Set-your-password-expiration-policy-0F54736F-EB22-414C-8273-498A0918678F?ui=en-US&rs=en-US&ad=US) but not the account lockout settings,

     

    Password policies and restrictions in Azure Active Directory: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-passwords-policy

     

    If you were to deploy Azure AD Connect w/ ADFS etc. then your password policy would match that of on-premises AD.

     

    Hope that answers your question, although it may not help your customer.

     

    Kind Regards,

     

    Jamie Brandwood

Muditha's avatar
Muditha
MCT
Feb 15, 2017
As @Jamie mentioned, you would need to implement AD FS and manage account lockout policies from on-premises AD. When an administrator chooses Cloud Identity model, he doesn't have much control over the features other than for few stuff as password expiration, etc. :)

Resources