MC and Email Password Protection Enhancement Beginning October 7th, 2021

CUIMC IT has implemented a security tool from Microsoft, called Password Protection, for MC and CUIMC email/Office 365 accounts on  October 7th, 2021. This does not change the existing complexity requirements for passwords on these accounts, but will check any newly chosen passwords going forward against a global banned password list.

What Will Change

Beginning the evening of October 7th, anyone changing their password for their MC account, which is the same one used for CUIMC email and Microsoft 365 Apps, will not be able to select a password that is on the global banned password list. In addition, Password Protection looks for common character substitutions (ex: “@” instead of “a”) and patterns and will not allow any ranked as weak by its algorithm.

If a desired password is ranked as too weak, you will see a message that the password does not meet password policy requirements. Simply try using less common words or character substitutions if you see this error, see our FAQ for more help, or contact us for assistance if needed.

Note that Password Protection will not review passwords already in use as of October 7th, only those that are being changed, reset, or newly selected.

Why We Are Implementing Password Protection?

While the general requirements for password complexity at CUIMC are not changing, adding a proven method to block the use of known weak passwords and common variations will further protect us from password sprays and other malicious attacks.

More on How Password Protection Works

Microsoft constantly analyzes data including recent information on breached systems and accounts to find commonly used weak or compromised passwords. When weak terms are found, they are added to a global banned password list. The contents of the global banned password list are not based on any external data source, but on the results of Azure AD security telemetry and analysis. For more details please see Microsoft’s Eliminate Bad Passwords using Azure Active Directory Password Protection.