Microsoft Office 365 now supports no expiration on passwords. While there will always be trade-offs between convenience and security in maintaining user accounts and passwords, it is the lack of choice which tends to be irksome.
Many of you may have experienced the need to create a new password at least once since we migrated to Office 365. Originally, we had been set at whatever Microsoft’s default was and when the first questions came in about expired passwords we discovered we could not outright disable that security “feature.” We were able to extend the time limit to 730 days (2 years), so did that to at least relieve the pressures and hassles of regular password changes. Microsoft did introduce a mechanism to disable password requirements a while ago, but the ability to do so without introducing back-end complexities came out later, and was not touted. We might have continued unaware of the option to disable it had the Office 365 Dashboard not popped up a tip recognizing our long expiration setting and recommending the “no expiration” setting.
WVLS still recommends diligent password management, including changing passwords whenever there is a hint of security breach, whenever an account is transferred (as with predecessor to successor director transitions), and also periodically – just because. However, now that the global WVLS Office 365 password expiration has been adjusted to “Never Expire,” that last reason is entirely up to you.
Submitted by Joshua Klingbeil.