Jun 03 2022
04:08 AM
- last edited on
Feb 06 2023
03:02 AM
by
TechCommunityAP
Jun 03 2022
04:08 AM
- last edited on
Feb 06 2023
03:02 AM
by
TechCommunityAP
Hi there,
We have an on-premise environment with the users synced to Azure AD (by using Azure AD Connect).
MFA+SSPR is configured and users are used to work with it.
Traditional, the AD password policy settings in the default domain policy have the following settings:
Enforce password history | 3 passwords remembered |
Maximum password age | 0 days |
Minimum password age | 0 days |
Minimum password length | 6 characters |
Password must meet complexity requirements | Disabled |
The management wants to tighten the password policy by setting the following;
Enforce password history | 3 passwords remembered |
Maximum password age | 60 days |
Minimum password age | 0 days |
Minimum password length | 10 characters |
Password must meet complexity requirements | Enabled |
When I change this setting now, I suppose everyone in the organization is forced to change their password immediately (because we change the maximum password age value from 0 to 60).
Besides this; I would like to know your thoughts on this (2022 wise). Because M365 don't require to change passwords by default....
Thanks in advance!