In this blog post I will go through enabling password expiration within the Microsoft 365 portal. I will also go through the default password options within Azure AD.
Note: this only applies if you’re utilising a Microsoft cloud only setup.
Also, at the time of writing this post, Azure AD does not allow configuring password expiration from the portal. You must do this via Powershell or from the 365 portal as we will be doing now.
- Login to portal.office.com
- Click Settings and Org settings
3. Click Security & privacy
4. Click Password and expiration policy
5. By default passwords are set to never expire. Click the option Set user passwords to expire after a number of days
6. Configure settings as required, or leave the defaults and click save
Moving on, let’s take a look at the default Azure password configuration
1) Click the link to launch the Azure Active Directory admin center
2) Click Azure Active Directory
3) Click Security from the left pane
4) Click Authentication Methods
5) Click Password protection
6) and here are the default settings
The audit option applies to the custom list of banned passwords. If set to Enforce, users will be prevented from setting banned passwords and the attempt will be blocked. If set to Audit, the attempt will only be logged.