Password policies that only apply to cloud user accounts
The following table describes the password policy settings that are applied to user accounts that are created and managed in Azure AD Azure AD is a cloud-based identity management solution. This enables internal users of your company to do the following: • Access external resources such as Azure services, Microsoft 365 and third-party SaaS applications• Access internal resources such as applications within the corporate network and cloud-based applications that your company creates. You can also use Azure AD to protect user identities...:
Property | Requirements |
---|---|
Characters allowed | A – Za – z0 – 9@ # $ % ^ & * – _ ! + = [ ] { } | \ : ‘ , . ? / ` ~ ” ( ) ;blank space |
Characters not allowed | Unicode characters. |
Password restrictions | A minimum of 8 characters and a maximum of 256 characters.Requires three out of four of the following:Lowercase characters.Uppercase characters.Numbers (0-9).Symbols (see the previous password restrictions). |
Password expiry duration (Maximum password age) | Default value: 90 days.The value is configurable by using the Set-MsolPasswordPolicy cmdlet from the Azure Active Directory
Azure AD is a cloud-based identity management solution. This enables internal users of your company to do the following: • Access external resources such as Azure services, Microsoft 365 and third-party SaaS applications• Access internal resources such as applications within the corporate network and cloud-based applications that your company creates. You can also use Azure AD to protect user identities... Module for Windows PowerShell. |
Password expiry notification (When are users notified of password expiration) | Default value: 14 days (before password expires) The value is configurable by using the Set-MsolPasswordPolicy cmdlet. |
Password expiry (Do passwords ever expire) | Default value: false days (indicates that password expiry is enabled).The value can be configured for individual user accounts by using the Set-MsolUser cmdlet. |
Password change history | The last password can’t be used again when the user changes a password. |
Password reset history | The last password can be used again when the user resets a forgotten password. |
Account lockout | After 10 unsuccessful sign-in attempts with the wrong password, the user is locked out for one minute. Further incorrect sign-in attempts lock out the user for increasing durations of time. Smart lockout tracks the last three bad password hashes to avoid incrementing the lockout counter for the same password. If someone enters the same bad password multiple times, this behavior will not cause the account to lockout. |
Source: https://support.getquickpass.com/hc/en-us/articles/360039184734-What-is-the-Azure-Office-365-Password-Policy-for-Cloud-Only-Accounts
Dieser Beitrag ist auch verfügbar auf: Deutsch (German)