Azure AD Password Protection
If you are an Azure Active Directory customer, you already have access to this new function called Azure Active Directory Password Protection, formerly known as banned passwords. The idea is this: Microsoft maintains a global ongoing list of commonly bad passwords (such as the word password) and automatically blocks all variants of that password, such as P@ssword, Password123, and so on. Any of these potential passwords would be blocked altogether if a user ever tried to create one as their own password. You also have the ability to add your own custom banned passwords inside the Azure Active Directory interface. Once you have banned passwords up and running in Azure, this capability can then be ported to your on-premises Active Directory environment as well, by implementing the Azure Active Directory Password Protection proxy service (whew, that's a mouthful). This proxy interfaces between your on-premises domain controllers and your Azure Active...