password expiration policy issue

%3CLINGO-SUB%20id%3D%22lingo-sub-2290097%22%20slang%3D%22en-US%22%3Epassword%20expiration%20policy%20issue%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2290097%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECompany%20uses%20Exchange%20Online%20plan%201%20for%20over%20a%20year%2C%20but%20it%20didn't%20enable%20password%20policy%20for%20expiration%20day%20issue%20and%20just%20set%20it%20never%20expired.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20how%20to%20enable%20the%20subject%20policy%20in%20Exchange%20admin%20center%2C%20but%20I%20heard%20that%20if%20this%20policy%20to%20be%20enabled%2C%20say%20if%20I%20enable%20it%20today%20(e.g.%2026-Apr-2021)%20for%2090days%20expiration%2C%20counting%20the%2090%20days%20is%20based%20on%20join%20day%20of%20Exchange%20Online%20plan%201%20when%20I%20created%20all%20users%20id%20and%20password%2C%20not%20start%20to%20count%20on%2026-Apr-2021%2C%20because%20all%20users%20never%20change%20their%20password%20for%20a%20year%2C%20as%20a%20result%2C%20all%20users'%20password%20will%20expired%20immediately%2C%20am%20i%20right%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20above%20correct%2C%20based%20on%20subject%20policy%2C%20how%20to%20solve%20this%20problem%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJason%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2290126%22%20slang%3D%22en-US%22%3ERe%3A%20password%20expiration%20policy%20issue%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2290126%22%20slang%3D%22en-US%22%3EOne%20more%20thing%2C%20is%20it%20a%20good%20idea%20a%20company%20just%20perform%20either%202FA%20or%20password%20expiration%20policy%20but%20not%20both%20%3F%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi,

 

Company uses Exchange Online plan 1 for over a year, but it didn't enable password policy for expiration day issue and just set it never expired.

 

I know how to enable the subject policy in Exchange admin center, but I heard that if this policy to be enabled, say if I enable it today (e.g. 26-Apr-2021) for 90days expiration, counting the 90 days is based on join day of Exchange Online plan 1 when I created all users id and password, not start to count on 26-Apr-2021, because all users never change their password for a year, as a result, all users' password will expired immediately, am i right?

 

If above correct, based on subject policy, how to solve this problem?

 

Jason

 

 

1 Reply
One more thing, is it a good idea a company just perform either 2FA or password expiration policy but not both ?