Password change nagging

%3CLINGO-SUB%20id%3D%22lingo-sub-285314%22%20slang%3D%22en-US%22%3EPassword%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-285314%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20working%20in%20a%20browser%2C%20O365%20is%20sending%20a%20notification%20that%20the%20user's%20password%20is%20about%20to%20expire%20and%20needs%20to%20be%20changed.%20This%20is%20great%2C%20but%20if%20they%20dismiss%20the%20reminder%2C%20and%20don't%20change%20password%20(they%20still%20have%20days%20until%20expiry)%2C%20whenever%20they%20interact%20with%20the%20web%20page%2C%20such%20as%20select%20something%20in%20SharePoint%20online%2C%20the%20reminder%20comes%20back.%26nbsp%3B%20I'm%20happily%20telling%20the%20users%20that%20the%20solution%20to%20this%20issue%20is%20to%20simply%20change%20their%20password%2C%20but%20is%20there%20a%20way%20of%20dealing%20with%20the%20root%20cause%3F%26nbsp%3B%20The%20frequency%20of%20the%20reminders%20is%20somewhat%20ridiculous.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-285314%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-339025%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-339025%22%20slang%3D%22en-US%22%3E%3CP%3EThis%20is%20especially%20annoying%20when%20it's%20telling%20me%20my%20password%20is%20expiring...%20but%20it%20isn't%20expiring%20for%2060%20more%20days.%20%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESharePoint%20Online%20is%20the%20only%20thing%20that%20has%20this%20bad%20information...%20nothing%20else.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-285501%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-285501%22%20slang%3D%22en-US%22%3E%3CP%3EThat's%20the%20intention%2C%20the%20popup%20is%20deliberately%20designed%20to%20be%20as%20annoying%20as%20possible%2C%20so%20you%20don't%20miss%20it.%20The%20one%20about%20expiring%20federation%20certificate%20is%20using%20the%20same%20%22method%22%2C%20so%20are%20some%20of%20the%20EAC%20ones.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20can%20always%20leave%20feedback%20on%20the%20portal%20or%20UserVoice%20and%20request%20to%20have%20it%20changed%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-285384%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-285384%22%20slang%3D%22en-US%22%3E%3CP%3EHey%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F15390%22%20target%3D%22_blank%22%3E%40Lloyd%20Adams%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAFAIK%26nbsp%3Bthere%20is%20not%20a%20way%20as%20an%20admin%20to%20edit%20that.%20At%20least%20to%20my%20knowledge%2C%20I%20have%20never%20seen%20any%20options%20that%20would%20allow%20you%20to%20control%20something%20that%20granular.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20had%20something%20like%20ADFS%20you%20could%20handle%20everything%20in%20house%2C%20but%20that%20is%20obviously%20not%20what%20you%20are%20asking.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20will%20let%20someone%20else%20chime%20in%2C%20but%20even%20spending%20a%20bit%20of%20time%20trying%20research%20such%20a%20thing%2C%20i%20came%20up%20with%20nothing.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAdam%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-285375%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-285375%22%20slang%3D%22en-US%22%3E%3CP%3ESorry%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F603%22%20target%3D%22_blank%22%3E%40Adam%20Ochs%3C%2FA%3E%20but%20I%20think%20you%20miss%20the%20point.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20password%20life%2C%20notification%20time%20etc.%20set%20as%20we%20want.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20problem%20is%20that%20if%20you%20dismiss%20the%20reminder%2C%20it%20pops%20right%20back%20up%20again%20the%20next%20time%20you%20do%20something%20in%20O365.%20%26nbsp%3B%20If%20you%20spend%20a%20lot%20of%20time%20in%20O365%20web%20apps%2C%20you%20cannot%20get%20rid%20of%20this%20pop%20up.%20You%20should%20at%20least%20be%20able%20to%20dismiss%20it%20for%20a%20day.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-285370%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-285370%22%20slang%3D%22en-US%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F15390%22%20target%3D%22_blank%22%3E%40Lloyd%20Adams%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThere%20is%2C%20you%20can%20manage%20your%20password%20policy%20for%20your%20organization.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foffice365%2Fadmin%2Fmanage%2Fset-password-expiration-policy%3Fview%3Do365-worldwide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Foffice365%2Fadmin%2Fmanage%2Fset-password-expiration-policy%3Fview%3Do365-worldwide%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIt%20is%20probably%20easiest%20to%20just%20edit%20this%20through%20the%20admin%20center%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAs%20a%20Global%20Admin%3A%3C%2FP%3E%3CP%3ESettings%20-%26gt%3B%20Security%20and%20Privacy%3C%2FP%3E%3CP%3EThere%20will%20be%20a%20password%20policy%20there.%20You%20can%20change%20how%20long%20a%20password%20is%20good%20for%2C%20as%20well%20as%20how%20much%20in%20advance%20you%20notify%20users.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20you%20could%20make%20the%20password%20stay%20good%20for%20180%20days%20instead%20of%2090%20for%20instance.%20Or%20notify%20them%205%20days%20in%20advance%20instead%20of%2014%20(or%20both).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJust%20keep%20in%20mind%20the%20longer%20you%20allow%20passwords%20to%20be%20valid%2C%20the%20greater%20the%20security%20risk%20of%20a%20compromise.%20Its%20always%20a%20balancing%20act%20that%20each%20admin%20has%20to%20walk%20to%20decide%20what%20is%20right%20for%20their%20organization.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGoodluck!%3C%2FP%3E%3CP%3EAdam%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-556340%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-556340%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F15390%22%20target%3D%22_blank%22%3E%40Lloyd%20Adams%3C%2FA%3E%26nbsp%3BDid%20you%20ever%20get%20satisfaction%20on%20this%20issue%3F%20I%20have%20seen%20this%20problem%20in%20my%20environment%20and%20have%20yet%20to%20devise%20a%20cure..%3C%2FP%3E%3CP%3EIt%20goes%20a%20step%20further%20here...%20The%20user%20changed%20his%20password%20using%20Ctrl-Alt-Delete%2C%20and%20not%20using%20the%20link%20provided%20through%20that%20message%20reminder.%20Since%20changing%20the%20password%20it%20still%20annoyingly%20pops%20up%20even%20after%20clearing%20the%20notifications..%20It%20is%20now%204%20days%20since%20the%20day%20the%20password%20expired%20and%20it%20is%20still%20stating%20that%20his%20password%20is%20expiring%20soon%20and%20needs%20to%20be%20changed.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-581223%22%20slang%3D%22en-US%22%3ERe%3A%20Password%20change%20nagging%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-581223%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F339686%22%20target%3D%22_blank%22%3E%40PsychicIT%3C%2FA%3E-%20Either%20the%20issue%20went%20away%2C%20or%20the%20user%20got%20used%20to%20it%2C%20so%20I%20can't%20help%20you%20any%20further%20I'm%20afraid.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Regular Contributor

When working in a browser, O365 is sending a notification that the user's password is about to expire and needs to be changed. This is great, but if they dismiss the reminder, and don't change password (they still have days until expiry), whenever they interact with the web page, such as select something in SharePoint online, the reminder comes back.  I'm happily telling the users that the solution to this issue is to simply change their password, but is there a way of dealing with the root cause?  The frequency of the reminders is somewhat ridiculous.

7 Replies
Highlighted

Hello @Lloyd Adams,

 

There is, you can manage your password policy for your organization.

 

https://docs.microsoft.com/en-us/office365/admin/manage/set-password-expiration-policy?view=o365-wor...

 

It is probably easiest to just edit this through the admin center:

 

As a Global Admin:

Settings -> Security and Privacy

There will be a password policy there. You can change how long a password is good for, as well as how much in advance you notify users.

 

So you could make the password stay good for 180 days instead of 90 for instance. Or notify them 5 days in advance instead of 14 (or both).

 

Just keep in mind the longer you allow passwords to be valid, the greater the security risk of a compromise. Its always a balancing act that each admin has to walk to decide what is right for their organization.

 

Goodluck!

Adam

Highlighted

Sorry @Adam Ochs but I think you miss the point.

 

We have password life, notification time etc. set as we want. 

 

The problem is that if you dismiss the reminder, it pops right back up again the next time you do something in O365.   If you spend a lot of time in O365 web apps, you cannot get rid of this pop up. You should at least be able to dismiss it for a day.

Highlighted

Hey @Lloyd Adams,

 

AFAIK there is not a way as an admin to edit that. At least to my knowledge, I have never seen any options that would allow you to control something that granular.

 

If you had something like ADFS you could handle everything in house, but that is obviously not what you are asking.

 

I will let someone else chime in, but even spending a bit of time trying research such a thing, i came up with nothing.

 

Adam

Highlighted

That's the intention, the popup is deliberately designed to be as annoying as possible, so you don't miss it. The one about expiring federation certificate is using the same "method", so are some of the EAC ones.

 

You can always leave feedback on the portal or UserVoice and request to have it changed :)

Highlighted

This is especially annoying when it's telling me my password is expiring... but it isn't expiring for 60 more days.  

 

SharePoint Online is the only thing that has this bad information... nothing else. 

Highlighted

@Lloyd Adams Did you ever get satisfaction on this issue? I have seen this problem in my environment and have yet to devise a cure..

It goes a step further here... The user changed his password using Ctrl-Alt-Delete, and not using the link provided through that message reminder. Since changing the password it still annoyingly pops up even after clearing the notifications.. It is now 4 days since the day the password expired and it is still stating that his password is expiring soon and needs to be changed.

Highlighted

@PsychicIT- Either the issue went away, or the user got used to it, so I can't help you any further I'm afraid.