Powershell command to set password complexity policy in Azure AD

Chopra 126 Reputation points

Will be moving my users to AD cloud and disconnecting the AAD connect

How can I set the password complexity to meet the following requirements

Minimum characters 12
Cannot contain login name or name of the user
Contains alphanumeric characters
Max pwd age 90 days
Min pwd age 24hrs
History - last 15 passwords

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,597 questions
0 comments No comments
{count} votes

Accepted answer
  1. Siva-kumar-selvaraj 15,601 Reputation points

    Hello @Chopra ,

    Thanks for reaching out.

    You can't customize Azure AD default password policy. Some of these password policy settings can't be modified, though you can configure custom banned passwords for Azure AD password protection or account lockout parameters

    To know more about Azure AD password policies, refer.

    Hope this helps.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

2 additional answers

Sort by: Most helpful
  1. Vasil Michev 100.1K Reputation points MVP

    The only thing you can modify is the max password age and notification window, this is done via the Set-MsolPasswordPolicy cmdlet on a per-domain basis. If you want more control over this, or to enforce your AD policies, consider using federation or pass-trough authentication.

    1 person found this answer helpful.

  2. Mr Sb 356 Reputation points

    You shouldn't.

    Don't focus to much on making passwords complex because this will not increase security. Focus on:

    1. Implementing MFA.
    2. Disable legacy authentication.
    3. Implement Azure Identity protection (leaked passwords, risky users / sign-ins)
    4. etc etc
    0 comments No comments