Skip to main content
Jorge Bernhardt Jorge Bernhardt
  1. Posts/

How to set the Password Expiration Policy in Microsoft 365

·375 words·2 mins· 100 views · 5 likes ·
Azure AD Connect-MsolService Get-MsolPasswordPolicy Import-Module

If you have not yet implemented any identity protection mechanisms, such as multi-factor authentication (MFA), or to satisfy your company’s security regulations, you should establish a password expiration policy. In that case, this article will interest you. I will explain how to configure a password expiration policy for your cloud identities using PowerShell. Important:

  • You must use your global administrator account to perform these steps.
  • The password expiration policy applies to all users.
PowerShell Workaround>

PowerShell Workaround #

First, you need to make sure the MSOnline module is installed on your computer and then imported into your Powershell session. To do that, you should use the following commands.

Install-Module MSOnline
Import-Module MSOnline

Once you have imported the module, you are ready to start.

Connect to Azure Active Directory.>

Connect to Azure Active Directory. #

The easiest way to get started is to log in interactively at the command line.

Check the current password policy>

Check the current password policy #

Using the Get-MsolPasswordPolicy cmdlet, you can verify the Password expiration Policy’s current configuration in your tenant or Domain.

Get-MsolPasswordPolicy `
    -DomainName `
    | fl

Important: If you don’t specify the domain, The command gets the tenant password policy.

Set the new password policy>

Set the new password policy #

To set your password policy, you should use the Set-MsolPasswordPolicy cmdlet with the following syntax.

Set-MsolPasswordPolicy `
    -DomainName `
    -ValidityPeriod 90 `
    -NotificationDays 14

Password expiration Policy

  • -DomainName: If you don’t specify the domain, The command sets the tenant’s password policy.
  • -ValidityPeriod: This value represents the days that a password is valid before you must change it.
  • -NotificationDays: Specifies the number of days before the password expires that the user will start receiving reminders to update their password.
Microsoft 365 Admin Center>

Microsoft 365 Admin Center #

If you prefer to use the Microsoft admin center portal:

  • log in to the admin center with your global administrator account, select the app launcher icon at the top left, and choose Admin.
  • Once there, go to settings -> Org Settings.
  • In the Security & Privacy tab, click on the Password expiration policy option.

Thanks for reading my post. I hope you find it helpful.

If you want to learn more about password policy recommendations, check out this link.