Dec 11 2019
04:58 AM
- last edited on
May 24 2021
02:08 PM
by
TechCommunityAP
Dec 11 2019
04:58 AM
- last edited on
May 24 2021
02:08 PM
by
TechCommunityAP
Good afternoon All,
I'm new to the MS Tech Community and I'm looking for an answer on a question related to "the Global banned password list". (https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad)
My question is: is the solution language depended, in other words how effective will it be for a non english speaking country (Europe)
Cheers,
Willem
Jan 18 2020 01:17 AM
Jun 07 2021 06:46 AM - edited Jun 07 2021 06:47 AM
Unfortunately it seems to be "english only". It doesn't e.g. block different languages "January - December" and other common password compositions from local languages. I recommend each reader to e.g. check in you local language "June2021!" if that is accepted (with or without the exclamation mark, depending on how long your "june" is. This pattern is for instance a very common way by the users to "roll their password" forward every time they need to change the password. And since the custom passwords list can only contain 1000 words, you cannot start adding local dictionaries either. So good luck in making your "local language deployment" block commonly used passwords - it will not do that. It doesn't even require several components since the solution interprets most of the local language words as an "arbitrary string of letters" -> password policy met -> your AD password policy that requires 3 different character sets becomes more restricting.