How does the password policy work in Hybrid environments?


My understanding is that there's a enforced default password policy on Azure AD, Office365 etc..

If password complexity requirements aren't set on the on prem AD does that mean weak passwords can sync back into our Azure AD/Office365?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,094 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,183 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 143.8K Reputation points MVP

    The Azure AD Password policies apply ONLY to the cloud-based accounts unless you have set the correct configuration


    Otherwise, the on-prem password policies apply to the synced accounts.
    You should enable password writeback and SSPR to ensure this:

    as well as Password Hash Sync:

    0 comments No comments