Recently Azure AD Password Protection has become available in Public Preview. This new feature consists of several components, intended to eliminate bad passwords in your organization.
The main feature is the Global Banned Password list. On this dynamic list, Microsoft has gathered vulnerable passwords that are deemed to common. The list is not public, but you can imagine passwords like Welcome01 and Password123 are on it.
New in the Public Preview is the possibility to add custom passwords that you want to ban for your own organization. This enables you to ban the company name, brand names and the like, as passwords in your organization.
Password Protection is also available for hybrid scenarios, extending this Azure AD capability to your on-prem Active Directory.
In this video, you will find out how to configure Password Protection and you will see the user experience. I’m also showing you how to install and configure Password Protection for your on-prem AD.
Find out more in this blog post by Alex Simons and of course on Microsoft Docs.