Auditing Password Security in Office 365
Moving your company to the cloud makes it incredibly easy for your employees to access the information they need where ever they are. Unfortunately it also makes it incredibly easy for hackers and other nasty people to access this information.
Strong and complex passwords that are regularly changed are more important than ever, especially for people with access to high profile and confidential information.
So how do you know who has strong passwords enabled or passwords that are set to never expire? We’ll show you.
First we need open up PowerShell (This article assumes you have the correct Azure Active Directory modules installed)
Connect to Microsoft Online by typing in the following cmdlets one by one and entering your Office 365 Administrator username and password when prompted.
$msolcred = get-credential
connect-msolservice -credential $msolcred
You are now connected to Microsoft Online and can run the following cmdlet to export a list of all your users and their password settings to a CSV file.
get-msoluser | select DisplayName,UserPrincipalName,StrongPasswordRequired,PasswordNeverE
xpires | Export-Csv UserPasswords.csv
This will create a file called UserPasswords.csv in the current directory, which you can open up in Microsoft Excel.
The users that have no entry for a specific column are the same as if they were set to FALSE.
Is there an easier way?
Yep – sign up to our Office 365 Reporting application and use our User Password Settings report. You can even schedule this report to get emailed to you on a regular basis to make sure you stay complaint!