If you have not yet implemented any identity protection mechanisms, such as multi-factor authentication (MFA), or to satisfy your company’s security regulations, you should establish a password expiration policy. In that case, this article will interest you. I will explain how to configure a password expiration policy for your cloud identities using PowerShell.
Important:
- You must use your global administrator account to perform these steps.
- The password expiration policy applies to all users.
PowerShell Workaround
First, you need to make sure the MSOnline module is installed on your computer and then imported into your Powershell session. To do that, you should use the following commands.
1 2 3 4 | Install-Module MSOnline Import-Module MSOnline |
Once you have imported the module, you are ready to start.
Connect to Azure Active Directory.
The easiest way to get started is to log in interactively at the command line.
1 2 3 | Connect-MsolService |
Check current password policy
Using the Get-MsolPasswordPolicy cmdlet, you can verify the Password expiration Policy’s current configuration in your tenant or Domain.
1 2 3 | Get-MsolPasswordPolicy -DomainName Exams500.onmicrosoft.com | fl |
Important: If you don’t specify the domain, The command gets the tenant password policy.
Set the new password policy
To set your password policy, you should use the Set-MsolPasswordPolicy cmdlet with the following syntax.
1 2 3 | Set-MsolPasswordPolicy -DomainName Exams500.onmicrosoft.com -ValidityPeriod 90 -NotificationDays 14 |
-DomainName: If you don’t specify the domain, The command sets the tenant’s password policy.
-ValidityPeriod: This value represents the days that a password is valid before you must change it.
-NotificationDays: Specifies the number of days before the password expires that the user will start receiving reminders to update their password.
Microsoft 365 Admin Center
If you prefer to use the Microsoft admin center portal: log in to the admin center with your global administrator account, select the app launcher icon at the top left, and choose Admin. Once there, go to settings -> Org Settings. In the Security & Privacy tab, click on the Password expiration policy option.
Thanks for reading my post. I hope you find it helpful.
If you want to learn more about password policy recommendations, check out this link.