Cannot change password in the Office portal with Writeback on

Brass Contributor

Hello

 

We recently enabled Writeback so that users can change their own passwords on their accounts from Office.com. The problem now is that even if it's enabled and you can try to change the password every password you try to change to will end up with an error saying.

 

This password did not meet the requirements for the length, complexity, age or history of your company's password policy.

 

Here are 4 example password i have tried to change to while still getting that error:

GAP3x4wvLC02

8B42shXvuA!!

8hLmp49q5T0!

c3qau95yGd

 

Anyone got any idea of why this is happening ?

5 Replies
Hard to tell without knowing you configuration, but there's a very detailed troubleshooting article here: https://docs.microsoft.com/en-us/azure/active-directory/authentication/troubleshoot-sspr-writeback
Check your event logs and correlate it with the information available in the article above.

Hi

This is in the audit logs after i tried to reset the user password i SSPR with the password "AsdGrwdsZ0!". The default policy is as follows. I cant's find anything else as to why the reset wont work in SSPR.

Policy:
8 to 256 characters long and must contain at least three of the following: uppercase, lowercase, numbers and symbols.

LOG:
ACTIVITY
DATE
2021-03-12 12:52:49
ACTIVITY TYPE
Change password (self-service)
CORRELATION ID
604b66bb-aac9-4a87-8705-29c9c6474326
CATEGORY
User management
STATUS
Wrong
STATUSORSAK
PasswordPolicyError

Hi

We managed to find out that a user only can change their password once every 48 Hours. Is there any way to change this ?
That's your on-premises policy's doing, you need to adjust the settings there.

@michaelsjodin

I've just resolved this same issue. As others have pointed out this may boil down to your default domain policy > password policy.

I made the mistake of assuming that "unsetting" the minimum password age in the group policy would be adequate but I actually had to set the minimum password age to 0 instead to allow users to change their passwords immediately.