Tag: Cybersecurity

Step-by-Step Guide: Setting Up a Banned Password List in Azure

image-16-1024x490

Recently, a customer raised a ticket asking us to implement a banned password list. In this guide, I’ll walk you through how we successfully tackled this request and configured it in Entra ID.

Enforcing strong password policies in Entra ID is crucial for improving organisational security. One effective method is implementing a custom banned password list to prevent users from selecting weak or predictable passwords. Here’s how to set this up step-by-step:

Prerequisites

Before starting, ensure you have the following:

  1. Entra ID Premium P1 or P2 licence

    • The banned password list feature is available only in Entra ID Premium editions.

  2. Administrator permissions

    • You need Global Administrator or Privileged Role Administrator rights in Entra ID to configure password policies.

Continue reading “Step-by-Step Guide: Setting Up a Banned Password List in Azure”

Microsoft Announces Mandatory MFA for All Azure Users

Authentication Icon

Microsoft has recently announced a significant change that will impact all Azure users: the mandatory implementation of Multifactor Authentication (MFA). This update aims to enhance security across the Azure platform by requiring additional verification for users accessing various Azure services.

Official Announcement: Read Microsoft’s MFA Requirement for Azure Users

Understanding the Changes

This update will affect all users interacting with the Azure Portal, Azure CLI, Azure PowerShell Modules, and Terraform when deploying to Azure. This includes guest accounts, service accounts, and break glass accounts.

Continue reading “Microsoft Announces Mandatory MFA for All Azure Users”