SOLVED: How To Disable Office 365 Password Policies – Complexity Requirements & Password Expiry

UPDATE: August 5, 2014  See our updated explanation and screen shots: www.urtech.ca/2014/08/solved-how-to-disable-password-expiry-and-password-complexity-rules-in-office-365/

 

To disable Office 365’s Password complexity requirements and to stop your passwords from expiring every 90 days is not difficult, but must be done through command line as Microsoft has not allowed these settings to be customized through the Office 365 web interface:

  1. Download the Office 365 Online Services Module:
    32bit or 64bit
    and install it
  2. Start the module (click the START BUTTON and type MODULE… you’ll see it!)
  3. Connect to your Office 365 using:
    Connect-MsolService
  4. Enter your Office365 username and password at the prompt
  5. Set all Office365 passwords to never expire using:
    Get-MsolUser | Set-MsolUser -PasswordNeverExpires $True
  6. Set all Office 365 passwords to not have any complexity requirements:
    Get-MsolUser | Set-MsolUser -StrongPasswordRequired $false
  7. Enjoy not having insane password requirements!

how-to-disable-office-365-password-policies

Comments

  1. Avatar
    T January 28, 2015 at 4:43 am

    Thank you, this worked great!

  2. Avatar
    Matthias November 8, 2013 at 12:48 pm

    Thank you, just what I was looking for!

  3. Avatar
    Eric May 21, 2013 at 12:45 pm

    Ian… okay, so I’m only 5 months in responding, but it’s taken me that long to find my way through Office 365.

    I love the tip, but here’s a question I’m willing to bet has caused many others some strife: How does one CHANGE the O365 password complexity requirements? Or, even better, the min/max password length?

    I like the idea of 8-16 chars, but I prefer 16 minimum. In fact… I require it. I can live with the complexity requirements, although they aren’t very passphrase friendly (workarounds notwithstanding).

    And for anyone else reading this… anyone know how to block user access to the portal, but allow them to get email via a thick client and/or activesync?

    Back to banging my head against the wall. One of them will crack open sooner or later.

    .ew

    • Ian Matthews
      Ian Matthews May 22, 2013 at 12:03 pm

      Hi Eric;

      My understanding is that the details of the COMPLEXITY REQUIREMENTS (i.e. upper case, lower case, numeric,…) are not editable. I have argued with Microsoft Partner support and Beta teams on every version of Windows since 2000 about this. It makes no sense to me that I can only turn CR on or off. That is not granular enough. I should be able to set the complexity requirements to (say) 8 characters with one upper case… but that is not the case.

      However, I have not verified with Microsoft Office 365 Support since their recent upgrades (i.e. to Exchange 2013) and so it MAY be possible now. I would just call and ask.

      You can also ask about blocking the web-portal at the same time.

      If you find out anything interesting, I would appreciate it if you would post your findings.

      Thanks and have a great day.

Questions or Comments?