Microsoft has recently made a new blog post about the importance of changing the password frequently for your Microsoft accounts. Not only that, they are also forcing the use of stronger passwords for your accounts to avoid hackers using weak passwords lists to break into your accounts. You can read the blog post made by Microsoft developer Robyn at https://blogs.technet.microsoft.com/.
If you have a Microsoft account for many years that chances are that you have not enabled the password expiry settings in your account to automatically expire your older passwords after a few months. But you can easily enable this feature in your Microsoft account. Here is how:
- Open any web browser of your choice and browse the Outlook.com website. You can use your tablet computer for this, but a notebook or desktop computer makes things easier.
- Sign-in using your Microsoft account credentials and when the Outlook site shows your email inbox, click on the user account picture near the top-right corner and then select Account settings.
- On the account settings screen, open the Security & Privacy section and the click on Change your password from under the “Password” settings.
- You will be asked to enter your existing password and enter a new password. For choosing a new strong password, you can use our PassGen utility that can generate very strong and hard-to-guess passwords.
- Under the password entry fields, you can select the checkbox Make me change my password every 72 days. This will enable password expiry for your Microsoft account after every 72 days.
- Click on the Save button to save the changes to settings and set your new password.
If you have enabled password expiry for your Microsoft Account, then it will expire your password exactly 72 days after you changed the password last time. You will be able to login using old password, but won’t be able to continue using Microsoft services without changing the password first.
Did you actually *read* the Microsoft post??
It says the exact opposite of what you describe! It says *don’t* regularly expire passwords.
It lists changing your password frequently as one of the measures taken against password theft. But it suggests not to force your users (if you are an IT admin) to change passwords frequently because they will reluctantly do so and pick an easier to guess weak password.
In the above post we suggested use of password generator to get your new password. Using a strong password generator eliminates those concerns.