Share via

About Password Policy

Cemil Bek 0 Reputation points
2024-12-27T09:50:37.45+00:00

Hi all,

Can I allow the user to change their AD password a maximum of 5 times in the same day? I can't do this with AD password policy. Is there another way?

If I write 1 in the Minimum password age field, it can only be changed once a day, but I don't want that.Is there a different policy or configuration? Or do I need to use a 3rd party application?

I think there must be a way to do this.

Thanks,

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,801 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
455 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,856 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. FrankEscarosBuechsel-MSFT 740 Reputation points Microsoft Employee
    2024-12-27T10:53:07.23+00:00

    Hi @Cemil Bek • Thank you for reaching out.

    You are looking for a way to allow your users to change the password multiple times daily but at the same time you want to set an upper limit as to how many changes they can perform.

    As you have already tested with a minimum password age of 1 day, the password can indeed only be changed once per day, as this setting applies a minimum password validity time.

    As you have tagged both Entra ID as well Active Directory I am not 100% sure where you want to enforce this behaviour, however both at the moment do not natively support what you require.

    You can find the supported password options, which can be overwritten from the general policy with fine-grained policies on a subset of users here: Managing Fine-Grained Password Policies. You could potentially use this functionality to only allow a specific subset of users to change their password multiple times a day by setting the minimum age to 0 while keeping a higher minimum password age for all your other users, however it will not allow you to put an upper bound on the amount of times a user can change their password per day.

    For Entra ID you can find the supported settings here: Password policies and account restrictions in Microsoft Entra ID, the same as above applies, there is no supported setting to put an upper bound on the amount of password changes in a given day.

    To summarize, natively this functionality is not offered today, if you would like to leave feedback and request this feature in the future please utilize Feedback Hub to let our Product Teams know.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.