Forum Discussion

CarlosMorales's avatar
CarlosMorales
Brass Contributor
May 04, 2022
Solved

Configure Password Policy in Microsoft 365

Hi Team.

I have Microsoft 365 tenant, not synchronize with AD on prem.

 

I need configure policy password for define:

Minimum password length, Password must meet complexity requirements, account lockout duration and other options.

 

Where can you configure this policy?

 

Thanks

Authentication
  • dougsbaker's avatar
    dougsbaker
    May 04, 2022
    There are not a lot of options when it comes to setting these options in native Azure AD. This Article walks though MSFT's ideology. https://docs.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide
    Here is the breakout of the password policy.
    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts

    Main things we can configure are, disabling the strong password requirement.
    https://docs.microsoft.com/en-us/microsoft-365/admin/add-users/strong-password?view=o365-worldwide

    Password Expiration
    https://docs.microsoft.com/en-us/microsoft-365/admin/manage/set-password-expiration-policy?view=o365-worldwide

    Banned Password List
    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad


2 Replies

  • dougsbaker's avatar
    dougsbaker
    Brass Contributor
    May 04, 2022
    There are not a lot of options when it comes to setting these options in native Azure AD. This Article walks though MSFT's ideology. https://docs.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide
    Here is the breakout of the password policy.
    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-sspr-policy#password-policies-that-only-apply-to-cloud-user-accounts

    Main things we can configure are, disabling the strong password requirement.
    https://docs.microsoft.com/en-us/microsoft-365/admin/add-users/strong-password?view=o365-worldwide

    Password Expiration
    https://docs.microsoft.com/en-us/microsoft-365/admin/manage/set-password-expiration-policy?view=o365-worldwide

    Banned Password List
    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad


Resources