de-DEen-GB
 
rss

Granikos Technology Blog

Office 365 Password Length

How many characters should have a password in order to be considered safe?

Office 365 limits the password lenght for users not synchronized with on-premise Active Directories to 16 characters. Can this considered to be safe? 

Office 365 administrators need to be aware of the fact that the new Administrative Tools do not show a warning when a new user is created. When pasting an initial password into the textbox, no warning is displayed. But the password itself is already shortend to 16 characters automatically.

Screenshot Initial Office 365 Password

The summary page shows the shortend password after the new user has been created. The administrator needs to pay proper attention to the status summary to notice the shortend password.

When logging in for the first time the user experience is different. The user is notified that the password cannot exceed 16 characters.

Screenshot Change password after first login

Microsoft should rethink the limitiation of 16 characters to enhance the security level for user logon. 



Kommentare sind geschlossen

Anzeigen 0 Kommentar