azure ad b2c Prevent Password reuse

Vijayasaharan 1 Reputation point
2021-03-03T00:18:13.92+00:00

I am trying to send the password as part of the output claims but it never comes up. I tried to create a new extension variable and do a transformation copy claim but that didn't work either.

I would like to hash the password and store it in an external system to work around the issue of not repeating passwords, as that's a security requirement.
If I try to add <OutputClaim ClaimTypeReferenceId="password" /> as part of <TechnicalProfile Id="login-NonInteractive">, the whole login screen stops working.

Please let me know if I am missing something, and also how to hash the password to send it to an external REST API technical profile.


3 answers

  1. Marilee Turscak-MSFT 33,801 Reputation points Microsoft Employee
    2021-03-03T01:15:32.31+00:00

    Is your requirement to prevent them from re-using their last password, or to prevent them from ever repeating the same password again?

    The best way to prevent password re-use in B2C is this custom policy, for scenarios where you need to implement a password reset/change flow where the user cannot use their currently set password:

    https://github.com/azure-ad-b2c/samples/tree/master/policies/password-reset-not-last-password

    As of now we do not support enforcing password history in B2C. You can create a banned passwords list but there isn't an out-of-the-box recommended way to do what you are asking. We recommend instead using Azure MFA to secure the accounts. https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/34839976-aadb2c-password-history-policy


  2. Vijayasaharan 1 Reputation point
    2021-03-03T01:28:49.153+00:00

    Hi Marilee
    My requirement is to prevent users from entering their last 5 passwords.
    I am using a custom policy, but Microsoft recommends using an external system to store passwords if we need to check against the previous 5 passwords. It's a security mandate that I can't go around, so I have to store the passwords externally.

    My question is how I can add the password as part of the output claims, as the policy doesn't seem to accept it, or maybe I am not doing it right.

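The external password-history check this thread describes (keep only hashes of a user's last 5 passwords, reject a change that matches any of them), as an added example that is not from the thread or from any Microsoft sample. The store class, its method names, the in-memory backing and the PBKDF2 parameters are assumptions standing in for whatever the REST API technical profile would call; it shows the check itself, not the B2C policy XML.

```python
import hashlib
import hmac
import os
from collections import deque

HISTORY_DEPTH = 5            # the thread's requirement: the last 5 passwords
DEFAULT_ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor
SALT_BYTES = 16


def hash_password(password: str, salt: bytes = b"", iterations: int = DEFAULT_ITERATIONS):
    """Return (salt, digest); a fresh random salt is generated when none is supplied."""
    salt = salt or os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest


class PasswordHistoryStore:
    """Hypothetical in-memory stand-in for the external store behind the REST API.

    Only salted hashes are kept, so the service never holds a plaintext password.
    """

    def __init__(self, depth: int = HISTORY_DEPTH, iterations: int = DEFAULT_ITERATIONS):
        self.depth = depth
        self.iterations = iterations
        self._history = {}  # user_id -> deque of (salt, digest), newest last

    def is_reused(self, user_id: str, candidate: str) -> bool:
        """True if the candidate matches any of the user's retained hashes."""
        for salt, stored in self._history.get(user_id, ()):
            _, digest = hash_password(candidate, salt, self.iterations)
            if hmac.compare_digest(digest, stored):  # constant-time compare
                return True
        return False

    def record(self, user_id: str, new_password: str) -> None:
        """Append the new hash; deque(maxlen=depth) drops the oldest entry automatically."""
        entries = self._history.setdefault(user_id, deque(maxlen=self.depth))
        entries.append(hash_password(new_password, iterations=self.iterations))

    def change_password(self, user_id: str, new_password: str) -> bool:
        """Reject a password found in the history window; otherwise record and accept it."""
        if self.is_reused(user_id, new_password):
            return False
        self.record(user_id, new_password)
        return True
```

Because each entry carries its own salt, the candidate has to be re-hashed once per retained entry, which is why the window is capped at `depth` rather than the full history.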

  3. Ajith Alexander 81 Reputation points
    2021-03-12T22:45:51.143+00:00

    @Vijayasaharan , yes, it's likely that you're running into trouble with the policy definitions. Here's a post that you might find helpful: https://www.whoiam.ai/implementing-password-history-in-azure-ad-b2c/
