password expiration policy issue

Copper Contributor



Company uses Exchange Online plan 1 for over a year, but it didn't enable password policy for expiration day issue and just set it never expired.


I know how to enable the subject policy in Exchange admin center, but I heard that if this policy to be enabled, say if I enable it today (e.g. 26-Apr-2021) for 90days expiration, counting the 90 days is based on join day of Exchange Online plan 1 when I created all users id and password, not start to count on 26-Apr-2021, because all users never change their password for a year, as a result, all users' password will expired immediately, am i right?


If above correct, based on subject policy, how to solve this problem?





1 Reply
One more thing, is it a good idea a company just perform either 2FA or password expiration policy but not both ?