question

Pamu avatar image
0 Votes"
Pamu asked Nanogysolutions answered

Azure AD password policy

Hi everyone,

Is there a way to see the password expiration policy settings ( in days ) in Azure portal ?

I can view the 'Lockout threshold' and 'Lockout duration' in Security>Authentication Methods>Password Protection

but couldn't seem to find the 'password expiration' settings


Thanks in advance !

Edit : this is a cloud only account .. No on-premises AD

azure-ad-tenantazure-ad-passwordless-authenticationazure-ad-password-protection
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

3 Answers

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered amanpreetsingh-msft commented

Hi @PamudithaMadushanka-8226 · Thank you for reaching out.

As of now, there is no option in Azure Portal to view Azure AD password policy. You will have to use PowerShell for this purpose.

Use below cmdlet to see password expiration settings for the tenant/domain. This requires MSOnline module.

  • Get-MsolPasswordPolicy -DomainName contoso.com

Use below cmdlet to see password expiration settings on users in the tenant/domain. This requires AzureADPreview module.

  • Get-AzureADUser -All $true | Select-Object UserPrincipalName, @{N="PasswordNeverExpires";E={$_.PasswordPolicies -contains "DisablePasswordExpiration"}}

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

· 3
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Pamu avatar image Pamu ·

Thanks @amanpreetsingh-msft

Is there a default policy ..or a default number of days where the passwords expire in Azure AD?

0 Votes 0 ·
amanpreetsingh-msft avatar image amanpreetsingh-msft Pamu ·

@PamudithaMadushanka-8226 · By default password expires after 90 days.
https://docs.microsoft.com/en-us/powershell/module/msonline/get-msolpasswordpolicy?view=azureadps-1.0#outputs

0 Votes 0 ·
amanpreetsingh-msft avatar image amanpreetsingh-msft amanpreetsingh-msft ·

@PamudithaMadushanka-8226 · Just checking if above response helped or if you have any further questions.

0 Votes 0 ·
MReed-6053 avatar image
0 Votes"
MReed-6053 answered

sorry to add this on here, but am unable to post a new question at the moment.

we use both AD and AAD currently. AD on prem is synced to AAD via Azure AD connect.
we are a hybrid environment.
can someone tell me what the source of authority would be for all users?
or is it dependent on the users "source"?
in theory, we have 2 possibly disconnected password policies?
how do most admins handle this or configure generally?

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Nanogysolutions avatar image
0 Votes"
Nanogysolutions answered

You can use as it were admin center to change usage passwords time passwords time to live and change on 1st login

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.