Administrative Roles in Office 365

Configure password expiration policy

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

Develop your talent with more than 10,000 online courses from LinkedIn Learning

Because Office 365 is a cloud-based service, we rely on Microsoft to maintain the security environment for your data which is stored in Office 365. Often the least secure route to gaining access to your data is through your users. It is important therefore, for you to think about the password policy that your users comply with when connecting to Office 365. In this video, we will explore why this is important and how to configure your Office 365 password expiration policy.

The likelihood that a password can become compromised increases with the amount of time that the password is in use. So it is important to consider your password expiration policy as this helps maintain data security. If left to user choice, your users would probably prefer never to change their password but I'm sure you can appreciate that this is not a very safe idea and is not recommended practice. We should therefore configure Office 365 password policy, which defines the cadence for how often your users need to change their passwords.

With Office 365, you only have two settings to choose from. These are, that all passwords never expire or you can select the number of days before passwords will expire. Let's take a look at these two options. You can configure Office 365 passwords to never expire. This is not recommended for production environments and it may even be against your company security policy, especially if your enterprise is regulated or audited.

You should have a robust reason for implementing this type of policy for your Office 365 tenant. The only scenario where I've seen this policy being used is within a training or test environment. If you decide to implement a policy where passwords expire, you can set the number of days before a password expires. The default is 90 days. This is also the password expiration duration that the PCI security standards council recommends.

You can also set the number of days that an email notification will be sent to the user before their password expires. The default is 14 days. A user can change their password at any time before the expiry. After expiry, they must change their password to continue using Office 365. These are the top-level steps that you'd need to configure a password expiration policy within Office 365. You need to log on to Office 365 admin portal as the global administrator.

Click on the admin tile, and then from the left menu bar, click on settings. Then click on security and privacy. On the security and privacy page, click edit. On the password policy page, amend the settings in the days before password expire field. You can modify or leave the days before user is notified about expiration and then click save. Let's drop onto our demo PC and take a look at how to configure a password expiration policy.

We'll open our browser and then type and sign in with an administrative account. We'll then click the admin tile. On the Microsoft 365 admin center home page, click settings in the left-hand side. We then want to click security and privacy, and on the security and privacy page, click edit. On the password policy page, we can either choose to set user passwords to never expire, using the toggle, or if we turn the setting off, we can then amend the settings in the days before passwords expire field.

The default is 90 days. Let's amend this to 60. We can also modify or leave the days before a user is notified about expiration. I'll leave this at 14 days and then click save. The password policy is then updated and this affects all users within our Office 365 subscription. In this video, we considered the different administrative roles available in Office 365 and the levels of permissions granted to each of these roles.

You saw how to assign administrative roles to a user and then explore the options available for organizations who may not have the internal resources required to manage their Office 365. They were able to outsource this to a Microsoft partner, using delegated administrators. Finally, we considered password expiration policies within Office 365 and how these can be configured.

LinkedIn Learning

LinkedIn Learning is an online learning platform that combines industry-leading content from with LinkedIn’s professional network of more than 500 million member profiles to provide highly personalized course recommendations and a more intuitive learning experience. Learn more.


  • Learn from recognized industry experts, and get the business, tech, and creative skills that are most in demand.

  • Receive personal recommendations based on your LinkedIn profile.

  • Stream courses from your computer or mobile device.

  • Take courses for every level – beginner to advanced.

  • Practice while you learn with quizzes, exercise files, and coding windows.

  • Provide learning for your team or entire organization, with an easy to use experience for managing users, curating content and measuring engagement

For businesses with 150+ licenses Request Office 365 onboarding assistance from FastTrack

You can request remote and personalized assistance with onboarding. Our FastTrack engineers will help you plan your Office 365 project, assess your technical environment, provide remediation guidance, and provide user adoption assistance. For businesses with at least 500 licenses, Microsoft also provides personalized assistance to migrate data to Office 365.

See the FastTrack Center Video:

Get started today:

Tip: Businesses with 1-149 licenses still have access to FastTrack guidance via links in the Admin Center and also available at

Learn how to keep your users secure and up to date by configuring cloud identity and authentication with Azure AD and Office 365, and enterprise-level mobile device management with Intune. This course covers key topics related to the administration of these services, including users, groups, policies, and roles, and maps to the related domain of Microsoft's Cloud Fundamentals certification exam (98-369). It's ideal for IT professionals responsible for their company's cloud operations as well as those pursuing certification for the first time. Follow along with Andrew Bettany as he covers creating user groups within both Office 365 and Intune, assigning administrative roles, and configuring mobile device management.

Topics include:

  • Understanding cloud identity and authentication

  • Managing Office 365 users and groups

  • Assigning administrative roles

  • Configuring password expiration policy

  • Exploring Service Health for Office 365 and Intune

  • Managing users and devices in Intune

  • Deploying Intune clients

  • Setting up mobile device management

  • Managing Intune policies

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.