Share via

Password Policy on Azure AD and Conditional Access Policy

Witness Ncube 0 Reputation points
2023-08-14T08:06:36.52+00:00

Please help me with the setup of password polices on Azure AD as the polices we have been set are not showing, or any other Conditional Access policy that can be applied on our Azure AD.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,411 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Tech-Hyd-1989 5,761 Reputation points
    2023-08-14T08:28:42.6633333+00:00

    Hello Witness Ncube

    Here are the steps on how to set up password policies on Azure AD:

    1. Go to the Azure portal and sign in with your Azure AD administrator account.
    2. Click the Azure Active Directory blade.
    3. In the left navigation pane, click Security.
    4. Under Authentication methods, click Password protection.
    5. Click the Create policy button.
    6. In the Create policy dialog box, enter a name for the policy.
    7. In the Password policy section, specify the following settings:
    • Minimum password length: The minimum number of characters that a password must have.
    • Password complexity: The complexity requirements for passwords.
    • Password history: The number of previous passwords that a user cannot reuse.
    • Password expiration: The number of days before a password expires.
    1. In the Account lockout policy section, specify the following settings:
    • Account lockout threshold: The number of failed sign-in attempts before an account is locked out.
    • Account lockout duration: The number of minutes that an account is locked out after it has exceeded the lockout threshold.
    1. Click the Create button.

    Once you have created a password policy, it will be applied to all users in your Azure AD tenant. You can also create custom password policies that are applied to specific users or groups.

    If you are not seeing the password policies that you have created, it is possible that they have not been provisioned yet. It can take a few minutes for password policies to be provisioned. You can check the provisioning status of a password policy by clicking the Status column in the Password policies table.

    If you are still having trouble seeing the password policies that you have created, you can contact Azure support for help.

    In addition to password policies, you can also apply Conditional Access policies to your Azure AD users. Conditional Access policies allow you to control who can access your resources and how they can access them. For example, you can create a Conditional Access policy that requires users to use a strong password before they can access your resources.

    To create a Conditional Access policy, follow these steps:

    1. Go to the Azure portal and sign in with your Azure AD administrator account.
    2. Click the Azure Active Directory blade.
    3. In the left navigation pane, click Security.
    4. Under Conditional access, click Policies.
    5. Click the Create policy button.
    6. In the Create policy dialog box, enter a name for the policy.
    7. In the Conditions section, specify the conditions that must be met for the policy to apply. For example, you can specify that the policy only applies to users who are accessing your resources from a specific location or who are using a specific device.
    8. In the Actions section, specify the actions that will be taken if the conditions are met. For example, you can specify that the policy blocks access to your resources or that it requires users to use a strong password.
    9. Click the Create button.

    Once you have created a Conditional Access policy, it will be applied to all users in your Azure AD tenant who meet the conditions that you specified. You can also create custom Conditional Access policies that are applied to specific users or groups.

    I hope this helps! Let me know if you have any other questions.