Setting a Password Policy for Cloud Users
Start course

Microsoft 365 offers Enterprise Mobility & Security (EMS), Windows 10, and Office 365 to enhance business productivity and security. Because Microsoft 365 offers a variety of services and features, not everything is in the same place. Therefore, we need to navigate within different portals, and familiarity with “what is where” gets really important over time.

In this course, we will have a look at some of the most common tasks to be performed by Microsoft 365 administrators related to Azure AD identities, how to secure your environment by assigning the correct permissions to your users, and how to reduce administrative overhead. We’ll do various tasks in different ways by using the Microsoft 365 Admin Center, the Azure portal, and even use Windows PowerShell for automating bulk actions.

Choosing the right type of identity for your current infrastructure is the first step for any successful Microsoft 365 deployment.

Learning Objectives

  • Plan Azure AD Identities
  • Manage Users and Groups
  • Manage User Access with Access Reviews
  • Manage Passwords and Password Policies
  • Implement Self-Service Password Reset (SSPR)
  • Manage Product Licenses

Intended Audience

  • People preparing for Microsoft’s MS-100 exam
  • Microsoft 365 Administrators


  • Experience with Microsoft 365
  • Experience with the Azure portal
  • Experience with PowerShell

Within the Microsoft 365 admin center, you have the possibility to set a password policy for cloud users. And to do this, we need to navigate to Settings. 

If you do not see Settings on your left-hand side scroll down and make sure to go to Customize Navigation. Once the blade is open, make sure that Settings is checked and click Save. Now it will appear on your left-hand side. 

Click on Settings, then Security and Privacy. The first one at the top is Password Policy, and right now, it is set to Never. So it means that the password from my users will never expire, and therefore they will never receive a notification. 

To change that, click on Edit and toggle the setting to Off. Now we can set that the number of days before the passwords expire, which is currently set at 90 days by default, and the reminder for the expiration is set to 14 days. The maximum value that Microsoft 365 will let you enter for the days before the passwords expire is 730 days. And the number of days before a user is notified can be up to 30 days. 

Once you've set everything up, click on Save. Now your password policy has been updated, you just have to click on Close.

About the Author

Veronique is a SharePoint and Office 365 consultant for an IT company based in Glasgow, UK. She loves photography, the outdoors, and long walks with her two dogs! You can follow Veronique on Twitter @veronicageek or read her blog at