What is the recommendation for password policy if we are using Windows Hello for Business?

Ritesh Sharma 361 Reputation points
2024-05-03T11:07:11.36+00:00

Hi Team

We are implementing Windows Hello for Business. However, we still have the option to log in using a password.

We have a password reset policy of 30 days. What is the recommendation for password policy if we are using Hello for Business?

It is going to be difficult for users to remember their password when it needs to be changed every 30 days, since users are using WHfB. However, we have SSPR enabled as well.

If we keep both, that makes it difficult for users instead of giving them a seamless experience.


1 answer

Sort by: Most helpful
  1. Marcin Policht 50,735 Reputation points MVP Volunteer Moderator
    2024-05-03T11:27:53.91+00:00

    As per https://learn.microsoft.com/en-us/windows/security/identity-protection/passwordless-strategy/journey-step-3:

    If your organization doesn't have password rotation requirements, it's recommended to disable password age.

    If your organization has a password rotation policy, consider implementing automation to rotate the user's password regularly. This approach ensures that the user's password is always randomized and prevents the user from knowing the password.

    For more password-related guidance, see the whitepaper "Password Guidance".


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin
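The second recommendation in the answer above (keep a rotation policy but automate it so the user never knows the password) can be scripted against on-premises Active Directory. The following is an added example, not code from the Microsoft guidance or from this thread. It assumes the RSAT ActiveDirectory PowerShell module, an account with reset-password rights, and a placeholder group named WHfB-Users that contains the passwordless users; it also prints the domain's current maximum password age, which the first recommendation says to disable (set to 0) when no rotation requirement exists.

```powershell
# Added example: rotate AD passwords of WHfB users to random values on a schedule.
# Assumes the ActiveDirectory module; 'WHfB-Users' is a placeholder group name.
#Requires -Modules ActiveDirectory
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [string]$TargetGroup = 'WHfB-Users',   # placeholder: group of passwordless users
    [int]$Length = 32                      # length of the generated password
)

function New-RandomPassword {
    param([int]$Length = 32)
    # Ambiguous glyphs (0/O, 1/l/I) are left out; nobody will ever read this password.
    $chars = [char[]]'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!@#$%^&*-_=+'
    $n     = $chars.Length
    $limit = 256 - (256 % $n)              # rejection threshold removes modulo bias
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf   = New-Object byte[] 1
    $sb    = New-Object System.Text.StringBuilder
    while ($sb.Length -lt $Length) {
        $rng.GetBytes($buf)
        if ($buf[0] -lt $limit) { [void]$sb.Append($chars[$buf[0] % $n]) }
    }
    $rng.Dispose()
    return $sb.ToString()
}

# Report the domain-wide maximum password age; 0 means password age is disabled.
$policy = Get-ADDefaultDomainPasswordPolicy
Write-Host ("Current MaxPasswordAge: {0}" -f $policy.MaxPasswordAge)

# Resolve the members of the placeholder group to user objects.
$users = Get-ADGroupMember -Identity $TargetGroup -Recursive |
    Where-Object objectClass -eq 'user' |
    Get-ADUser -Properties PasswordLastSet

foreach ($u in $users) {
    # -WhatIf / -Confirm are honoured here, so a dry run changes nothing.
    if ($PSCmdlet.ShouldProcess($u.SamAccountName, 'Reset to random password')) {
        $secure = ConvertTo-SecureString (New-RandomPassword -Length $Length) -AsPlainText -Force
        Set-ADAccountPassword -Identity $u -Reset -NewPassword $secure
        # Do not force a change at next logon: the user must never be asked to pick a password.
        Set-ADUser -Identity $u -ChangePasswordAtLogon $false
        Write-Host ("Rotated {0} (previous PasswordLastSet: {1})" -f $u.SamAccountName, $u.PasswordLastSet)
    }
}
```

Run it first with `-WhatIf` to see which accounts would be touched, then schedule it (for example as a scheduled task under a dedicated service account) at the interval your rotation policy requires. The generated password is never stored or displayed, so users authenticate only with Hello for Business and recover access through SSPR or an administrator reset rather than by remembering a password.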

