Azure AD Password Policy
Azure AD should provide more parameters to configure as per the users need.
For example as per my organisation's Security policy, the minimum password length required is 12. But there is no way to configure this parameter from 8.
The Azure AD platform should provide the ability for users to configure the below password policy at least.
1. Password history
2. Password complexity of temporary password generated by Azure
3. Password length
Jared Brodsky commented
Seems like a no brainer to be implemented. Google, Okta, Onelogin, AWS, etc all have it, where is MSFT on this?
Microsoft. Identity is important.
Matthew Baldwin commented
We are having the same issues on our current project.
Charles Jacks commented
Agreed, the password policy in Azure AD should work like Active Directory (on prem) or Azure AD B2C, which does have more flexibility over setting password policies. The limit of 16, forcing a specific password restriction set, etc. are all outdated ideas. If there is a setting for passwords, then it needs to be adjustable. For example, we should be able to set passwords to as weak or as strong as we like for complexity and length.
Microsoft has this in place for Active Directory, why not in Azure AD?
Being able to deliver password policies based on groups (fine-grain control) would be excellent as well.