Request for Assistance Regarding Password Security

Kanchana Jayathilake 0 Reputation points
2024-04-05T09:40:35.6033333+00:00

I'm writing to inform you about a recent security incident we encountered within our organization. Unfortunately, we experienced some insider phishing attacks that compromised certain email accounts. As a precautionary measure, we immediately reset the passwords for these compromised accounts. However, upon further investigation, we discovered that both the old and new passwords remain active for 180 minutes or more specially when sending the multiple mails, posing a potential security risk.

We kindly request your assistance in providing guidance on how we can effectively reduce the duration for which both passwords remain active. Any advice or recommendations you can offer would be greatly appreciated.

Regards

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,626 questions
Microsoft Exchange
Microsoft Exchange
Microsoft messaging and collaboration software.
532 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
2,096 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. JimmyYang-MSFT 52,801 Reputation points Microsoft Vendor
    2024-04-08T06:49:28.4833333+00:00

    Hi @Kanchana Jayathilake

    Regarding your question, it sounds like you are concerned about the duration for which both the old and new passwords remain active. I can suggest a few general best practices that may be helpful:

    1. Implement two-factor authentication: This adds an extra layer of security by requiring a second form of authentication, such as a code sent to a mobile device, in addition to a password.
    2. Use strong passwords: Ensure that all employees are using strong passwords that are difficult to guess or crack. This can include using a combination of uppercase and lowercase letters, numbers, and special characters.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.