How can we improve Azure Active Directory?

SSPR configurable password policy text window (for tenants using ADFS/write-back)

We have Azure AD using ADFS, so SSPR is using password write-back.

We have a 3rd party password filter implemented on-prem because built-in password policies are so poor (complexity enabled with fine-grained password policies still allows passwords like "Password1", "Microsoft1", etc)

While Azure AD has added some smarts to block "bad" passwords (good job!) - on-prem AD doesn't, which means we can't rely purely on new password filtering functionality in Azure AD.

The end result is that SSPR is very frustrating to use, because it carries no information about what the on-prem password policy requirements are.

Please provide a custom field where we can detail the password requirements in SSPR after the user has completed their identity verification. It should also be displayed if the user chooses a password in SSPR that is rejected by password write-back.

Thanks for your consideration!

25 votes
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)

We’ll send you updates on this idea

Jordan shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

3 comments

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...
  • Patrick Doherty commented  ·   ·  Flag as inappropriate

    To start with a simple text box of requirements would be fantastic, if later on it could be tabbed for different policies (different countries/companies/departments) that may have their own policies or preferences?

  • Cha Yang commented  ·   ·  Flag as inappropriate

    This is a great idea. We are also looking for this change. I think this is huge end user experience improvement. If that information is there, users will have a better chance of getting their passwords changed on the first try and eliminate frustration and calls to the service desk.

  • Gino Caroli commented  ·   ·  Flag as inappropriate

    Just the ability to post a message stating the complexity requirements on the password reset and change password pages would be nice.

Feedback and Knowledge Base