General Availability Alert - Azure AD Password Protection is now GA

@20aman    Apr 03, 2019

Azure Active Directory (AD) Password Protection feature is now generally available.

In nutshell, this feature provides you with the ability to enforce or audit users who set passwords to common and weak passwords. When set in enforce mode this feature stops them from being able to set a weak or common password. E.g. you could stop the end users from using a password like "test123" or "password1" etc. You can add as many general passwords to ban. As a good practice, you should add your organization's name or any common internal password to this list with any variants you believe end users may use. The end goal is to try and make the password as much difficult and secure as possible.

This feature also allows you to specify the thresholds to lock a user in case of failed sign-in attempts. It allows you to set the time for which the user will be locked out before they can try signing in again.

This feature can be accessed by navigating to the Azure Active Directory and then selecting "Authentication methods" under the Security section. You will see the "Password Protection" option opened up in its own blade.

Azure AD Password Protection

Note: Preview customers MUST update the agents to the latest version (1.2.116.0 or higher) immediately. The current agents will stop working after July 1, 2019.

For more information and the announcement blog from Microsoft, read here: Azure AD Password Protection is now generally available!