Custom password policy allows you to change minimum password length, password history, set lockout and expiration rules.
By default password should consist of at least 8 characters. Passwords must not contain
- English uppercase characters (A-Z)
- English lowercase characters (a-z)
- Numbers (0-9)
- Special characters (e.g., ! $ # %)
Custom Password Policy cannot be less complicated than the default one.
Important: If you utilize DirectoryLink service, you can only set up a custom password policy for the users in your own Active Directory.
You can set up a custom password policy for users on your Exchange account in CONTROL PANEL > Users > User Password Policies or CONTROL PANEL > Services > Compliance > Policies or CONTROL PANEL > Account > Security Policies > User Password Policies.
On this page, you can:
By default, all users have the ability to reset/recover their password. If the user knows their current password it can be reset in My Services. Read the Knowledge Base article on How Do I Reset The Password For A Mailbox? Can I Reset The Password In OWA? for more information. If the user doesn't know their password it can be recovered through "Forgot your password" option. Read the Knowledge Base article on How Do I Recover My Mailbox Password? for instructions.
If you check Users cannot change password box and save changes it will result in following:
- users will not have permissions to reset/recover their password
- users will not be prompted to add an alternate email address of cell phone information when logging into My Services
- users will not be getting emails about password expiring
Note: Policy setting Users cannot change password applies to all users. If you want to restrict specific user(s) to change the password it can be done on individual user's settings page. Read knowledge Base article on How Do I Manage User Password Settings for more information.
You can force users to change the password on next
Here is how Outlook notification looks like:
Once they receive a notification in Outlook, they will need to change the password by trying to login to OWA or to My Services Control Panel.
You can specify the following settings:
- minimum password length (min 8, max 127)
- password expiration period (30, 60, 90, 180 and 365 days periods are available)
Note: the first password expiration notification is sent 5 days before the expiration date.
- password history
- user lock
If you enable password expiration you can check expiration date for individual user by navigating to CONTROL PANEL > Users > Click on Display Name of the user > Edit User Password Settings
If you choose to unlock the user Manually, they will receive the following notification once locked:
To unlock them go to CONTROL PANEL > Users > click on a user > click Unlock.