The company’s recently launched password banning list feature is making its way to Azure Active Directory, blocking users from creating easy to hack passwords.
Microsoft will bolster its password security for Azure users by debuting a new feature in Azure Active Directory (AD) that will give admins the power to prevent easy password selection from users.
The spotlight is currently on password security after LinkedIn was subject to a leak of 117 million user account credentials. Part of the problem is users selecting passwords that are too easy to be hacked or those that show up frequently on stolen data. Microsoft’s new feature will prevent Microsoft Account users from picking these easy passwords.
Under the new feature, Microsoft will automatically update a list of common passwords when new ones are found through leaks. The company will block any passwords that are added to the list or match variations of the common verification.
This gives Azure a dynamic way of managing passwords and preventing users from creating verification that is too easy, or commonly used in attacks. The banned passwords feature is currently in private preview for Azure Active Directory and is live for Microsoft Account Services. The company says it will introduce the feature to all Azure AD users in the coming months.
A part of the feature will be giving admins more control over users and the passwords they select. If a username and/or password for corporate accounts match those on recently banned lists, administrators can lock down those accounts.
Admins will also be able to set up the list of banned passwords and accounts will automatically block those passwords from being chosen by new users.
If a new password is added to the banned list and is already set up by a user who attempts to use it, Microsoft will lock the account. The user will then be informed that they need to verify their account and identity to reset the password.
Microsoft detailed these changes earlier in the month as the feature launched to Microsoft Account Services. The same dynamic password management will now be coming to Azure Active Directory, which has some 10 million tenants.