I'm looking for advice from organizations that have implemented Microsoft Teams and use desk phones like Poly or Yealink. We have a policy that requires users to change their Active Directory passwords regularly. However, these phones require users to log in again after each password change, which I worry will lead to frustration. How do you manage this situation? Also, I've thought about whether there could be conditional access settings that might help, such as excluding phones from frequent password checks or rotating security tokens. Any suggestions?
5 Answers
One option is to avoid forcing password changes unless there's a real security concern. It's not really advisable to make frequent changes these days. If you seriously need to enforce it, users will have to log back in to their phones afterward, unfortunately. It's just part of the process.
Honestly, frequent password changes can strain the system, especially if users are forced to do it all the time. What frequency are you looking at? It can be manageable if they have cached credentials. Users shouldn’t have to deal with so many logins if it's not necessary.
These policies are a bit outdated. Unless a password has been compromised, there’s no need for frequent changes. Just encourage users to create strong passwords that are long and complex. It’s what the current best practices recommend.
For us, we require password changes every six months, and we haven’t really faced complaints. Most users are already logging into their emails or Teams on their mobile phones, so this doesn’t add too much to their workload.
There really isn’t a workaround that I know of. It can help if users can sign in via the device login page on their computers rather than battling with the tiny screen on the phone. Makes it a little less of a hassle.
