Office 365 Password Expiration – What You Need to Know

Office 365

You have a brand new, shiny Office 365 account but you and your fellow employees keep getting prompted to change your password.  This can be frustrating at times however security is a good thing!  So, you have a few options when it comes to Office 365 and password policies.

Note: This is for Office 365 online tenants only.  If you are federated with your on-premise Active Directory then you can ignore everything I say in this article!

 


Disable Password Expiration
You can disable password expiration completely.  This has it’s ups and downs as does everything.  The biggest downfall to this is if you or a user need to change your password, you can’t!  You have to request a new password from your admin.  If you are the admin, depending on the size of your organization, this could be a problem.  If that doesn’t apply to you, here is the process to remove password expiration for all users.

First you will need to get the Azure Powershell.  You can get that at https://technet.microsoft.com/library/jj151815.aspx.  Download the appropriate architecture for your machine (x86 or x64).

Once you have it downloaded, open the newly downloaded powershell and run the following commands making sure to use your 365 admin credentials when prompted:

$cred=Get-Credential

connect-MSOLService -credential $cred

Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

That’s all there is to it!

 


Change Password Expiration
Changing the amount of time until expiration will depend on your company and your culture of course.  Let’s look at how to change that number now:

  1. Login to your Office 365 admin console.
  2. Make sure you are at your Office 365 Admin Center dashboard.
  3. Select Service Settings.
  4. Now select the Passwords tab.
    PasswordExpirationVariables
  5. Feel free to change your defaults!

You can set this all the way up to 730 days (2 years!) or as low as 14 days.  Make sure to give people some time to change their passwords by setting the Notification Setting to something a little higher than 2-5 days.  I recommend the default at 14 days.

 


Just Let it Be (how to change your password on Office 365)!
Just let it be and train your users on how to change password.  Let’s talk about informing your users on how to change their password.

First off, they will need the address to the Microsoft portal.  It can be found at https://portal.microsoftonline.com.

Protip: What I like to do is point a DNS record to the Microsoft address. Example is a CName record for mail.contoso.com -> portal.microsoftonline.com

Once they reach the portal they need to login.  After login, click on the gear icon in the top right corner of the screen and select Options.  Once you are at the options page, select Change your password.

ChangePasswordSS

 

Hopefully this helps you make the decision on how to manage your password on Office 365.  If you have any questions or comments please feel free to leave them!

 

~Nick

Leave a Reply

Your email address will not be published. Required fields are marked *