0
votes

Our company has our email server hosted by GoDaddy - any additions or deletions of email addresses has to be managed via their website. We also have a Microsoft Azure subscription, which includes Azure Active Directory. Any additions or deletions of email addresses in our GoDaddy account is automatically and immediately reflected in our Azure Active Directory - so our AAD is already connected to our Office365 company domain.

I've been tasked with setting up a password policy that mandates our employees to change their email password every 60 days. I'm not quite sure how to accomplish this when we have the GoDaddy layer in between (e.g. when you login to your email, or any other service which uses our email addresses as logins, you have to go through a GoDaddy splash page to do so).

I'm having trouble understanding how to set up this policy since we are not in control of our own email server. I reached out to GoDaddy support and they were no help - they said I need to talk to Microsoft Azure. Microsoft's online documentation is dreadful, which seems to be the case frequently.

So I'm here to see if I can get an answer from an MS Azure personnel, OR, someone else who has accomplished this task. My understanding is that when you tag a post with any kind of Azure tag, the pertinent Azure department is pinged and will read the thread. Any guidance would be greatly appreciated.

1
Your problem sounds more server-admin oriented that software development related. You might get better answers at serverfault.com.RasmusW
Thanks @RasmusW - I'm really hoping Azure personnel will chime in here but so far no luck. Azure Support pages say to post here.Stpete111

1 Answers

1
votes

Password expiration policy is still not available with godaddy o365 in Feb 2021.

It is an Improvement action for improving the Identity Secure Score.

Do not expire passwords has a SCORE IMPACT +14.29%.
And it is still not available to the global admin for godaddy o365 in Feb 2021. The Get Started link: https://productivity.godaddy.com/settings#/settings/security gives a 404 error.

DESCRIPTION Research has found that when periodic password resets are enforced, passwords become less secure. Users tend to pick a weaker password and vary it slightly for each reset. If a user creates a strong password (long, complex and without any pragmatic words present) it should remain just as strong in the future as it is today. It is Microsoft's official security position to not expire passwords periodically without a specific reason, and recommends that cloud-only tenants set the password policy to never expire.

USER IMPACT Moderate IMPLEMENTATION COST Low

WHAT AM I ABOUT TO CHANGE? In the Microsoft 365 admin center go to Settings > Security & privacy. Then Edit the password policy to never let passwords expire. You must be a global admin to edit the password policy.

If your organization has an on-premise implementation, it is recommended that you set status for this action to "Resolved through alternate mitigation."

HOW WILL IT AFFECT MY USERS? Your users will no longer need to periodically create new passwords.