fbpx

Disable Password Expiry – Tenant Wide

Introduction

By default, passwords are set to expire in 90 days. Current research strongly indicates that mandated password changes do more harm than good. They drive users to choose weaker passwords, re-use passwords, or update old passwords in ways that are easily guessed by hackers.

The use of Multi-Factor Authentication is always highly recommended.

User Impact

Low
Disabling the password expiration will stop users from needing to set new passwords.

Admin Portal Reference

In the Microsoft 365 Admin Center;

  1. Go to the Settings > Org Settings
  2. Go to the Security & privacy page
    If you aren’t a global admin, you won’t see the Security and privacy option.
  3. Select Password expiration policy
  4. Uncheck the checkbox next to “Set user passwords to expire after a number of days”

If Action is set to Notify

We report the setting is compliant if the password expiry is set so passwords do not expire.

We report the setting is non-compliant if the password is set to expire (any number of days).

If Action is set to Enforce

We report the setting is compliant if the password expiry is set so passwords do not expire.

We report the setting is compliant-fixed if the password expiry to expire but was updated to not expire.

Get Started!

The first three tenants are free! No credit card required.

Sign Up