SummaryHow to improve password security
We set most of our users to authenticate through Azure Single sign-on using multi factor authentication.
However a small number of users need to login using a password, we have set this to be 'Very Complex which is the highest security setting we can choose. However this still only forces a minimum of 8 characters to be entered. It does force the use of numbers, upper/lower case and special characters but it is now widely accepted that longer passwords, for example using 3 words are much harder to crack than using special characters.
I am concerned about the level of security for users that only have a user name and password to protect their accounts. I can think of 2 options which would improve this situation: