Office 365 (Azure Active Directory) Password Requirements

A strong password is important and the newest guidance is that longer is better and length is more important than complexity.

Office 365 (Azure Active Directory) lags somewhat in that complexity is still favored.  More frustrating is that there is actually a 16 character limit on password length.  Even more frustrating is that it isn’t well explained when setting or changing a password.

If you’ve seen an error like the one below, what it should say is “at least 8 but not more than 16 characters…”

O365 password requirements
Your password cannot contain your username and must contain at least 8 to 16 characters, a combination of upper and lowercase letters, and at least one number or symbol.

If you try to use more than 16 characters you’ll see the message above.  It will not change to say “you may not use more than 16 characters.”

I’ve personally struggled and witnessed others who are IT professionals get stuck on this prompt when attempting to use a password longer than 16 characters.

Be aware of this limitation learn more detail about Azure AD password policies here.

Also, multi-factor authentication is available and is an excellent way to increase security.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s