For this post, I am showcasing the capabilities that Entra ID offers in protecting passwords.
In the Microsoft Entra Admin center, this can be done by enabling Password Protection.

I created my smart lockout system by first choosing my lockout threshold. I configured the lockout threshold to five, meaning that my account will be locked after five unsuccessful login attempts.
After that, I set the lockout duration to thirty. This means that once the limit is reached, my account will be locked for thirty seconds. The settings help keep unauthorized users from trying to break in.
I also created a custom banned password list. When enforced, users will not be able to use any of these flagged words in their passwords - whether it’s the whole password or part of it. It’s a great way to make sure users are choosing strong and secure passwords.
I tested this out on one of my users, Laura Johnson. She made five attempts to log in to her account but, as you can see, she was unsuccessful. Her account was locked for thirty seconds.
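
To confirm the same lockout from sign-in logs rather than from the sign-in page, the following added example (not part of the original lab) counts failed sign-ins per user before the first lockout event. The records are constructed and shaped like Microsoft Graph signIn objects; the UPNs and timestamps are made up, and 50126 and 50053 are the Entra error codes for a bad password and a locked account.

```python
import json

LOCKOUT_THRESHOLD = 5     # threshold configured in the post
ERR_BAD_PASSWORD = 50126  # AADSTS50126: invalid username or password
ERR_LOCKED = 50053        # AADSTS50053: account is locked


def _rec(user, second, code):
    # Builds one constructed record with the signIn fields used below.
    return {"userPrincipalName": f"{user}@example.test",
            "createdDateTime": f"2024-01-01T10:00:{second:02d}Z",
            "status": {"errorCode": code}}


# Constructed sample: one user hits the threshold, another recovers.
SAMPLE = json.dumps(
    [_rec("laura.johnson", s, c) for s, c in
     [(5, 50126), (11, 50126), (18, 50126), (24, 50126),
      (31, 50126), (36, 50053), (50, 50053)]]
    + [_rec("sam.lee", s, c) for s, c in [(7, 50126), (15, 50126), (22, 0)]]
)


def lockout_report(records, threshold=LOCKOUT_THRESHOLD):
    """Per locked user: bad-password failures seen before the first lockout."""
    streak, report = {}, {}
    # ISO 8601 UTC timestamps in one format sort correctly as strings.
    for r in sorted(records, key=lambda r: r["createdDateTime"]):
        user, code = r["userPrincipalName"], r["status"]["errorCode"]
        if code == 0:                      # successful sign-in resets the streak
            streak[user] = 0
        elif code == ERR_BAD_PASSWORD:
            streak[user] = streak.get(user, 0) + 1
        elif code == ERR_LOCKED and user not in report:
            n = streak.get(user, 0)
            report[user] = {
                "locked_at": r["createdDateTime"],
                "failures_before_lock": n,
                # Fewer failures than the threshold before a lock means the
                # policy in effect differs from the one that was configured.
                "consistent_with_policy": n >= threshold,
            }
    return report


if __name__ == "__main__":
    for user, info in lockout_report(json.loads(SAMPLE)).items():
        print(user, info)
```
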

She then tried to reset her password using “DataSci” and “NewYork” as part of her password. Both times, it gave her the following message. This means that the custom banned list created earlier was enforced and she cannot create passwords using the words on that list.

This wraps up the basic password protection lab. This was a quick lab, but it was a nice introduction to password protection. I plan on learning more about Entra ID’s password features.