A major feature folks have been requesting from ExchangeDefender for a long time is better password policies. The first step in that direction is going to be having the ability to support password expiration. We have moved forward with this request as we realize the importance of forcing password changes on a security platform. One feature that was implemented recently that you guys might have seen pop up in your admin portal is domain Password Expiration.
If you navigate to a specific domain’s configuration you can see you now have the option to implement 30, 60, or 90 day password expiration for all the users on a domain. Initially when the feature is enabled it will tag all the current accounts on the domain / domain aliases, then depending on what option you selected 30,60,90 days out upon logging into the admin portal it’ll require the user’s to change their password before allowing any other functionality. Clients can be proactive about changing their password regularly and avoid the prompt by using the Password Change in their own settings after logging into the portal.
However, I think we know that that will not generally be the case. Once their password has expired upon logging into the Admin Portal they will be redirected to change their password before they will be allowed to login.
If you have any questions regarding this feature email me at firstname.lastname@example.org