Information
This policy setting configures the use of strong passwords to unlock mobile devices before they can connect via ActiveSync to an Exchange server.
Rationale:
Allowing simple passwords can make it easier for an attacker to correctly guess them.
Impact:
Users will be forced to use strong passwords.
Note: This is a mobile device management setting. Use caution when applying it, as it could have adverse effects depending on the environment and on internal policies around bring your own device (BYOD). These policies could affect a user's personal device.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-MobileDeviceMailboxPolicy 'Profile' -AllowSimplePassword $false
OR
Perform the following actions:
Launch the EAC (Exchange Administrative Center).
Go to 'Mobile' on the left and click on the 'Mobile device mailbox policies' tab.
Double-click the policy you wish to modify and go to the 'Security' settings.
Ensure the Allow simple passwords box is not checked and click Save.
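The cmdlet above changes one named policy. The following added example (not part of the original benchmark text) audits every mobile device mailbox policy for this setting and remediates only the non-compliant ones. The function names Get-SimplePasswordFinding and Set-SimplePasswordDisabled are hypothetical helpers, and the code assumes it is run in an Exchange Management Shell session where the MobileDeviceMailboxPolicy cmdlets are available.

```powershell
# Added example: audit and remediate AllowSimplePassword across all policies.
# Helper names are hypothetical; only the *-MobileDeviceMailboxPolicy cmdlets are Exchange's own.

function Get-SimplePasswordFinding {
    # One row per policy, so compliant and non-compliant policies are both visible.
    Get-MobileDeviceMailboxPolicy | ForEach-Object {
        [pscustomobject]@{
            Policy              = $_.Name
            Identity            = $_.Identity
            IsDefault           = $_.IsDefault   # the default policy applies to mailboxes with no explicit policy
            AllowSimplePassword = $_.AllowSimplePassword
            Compliant           = ($_.AllowSimplePassword -eq $false)
        }
    }
}

function Set-SimplePasswordDisabled {
    # SupportsShouldProcess gives -WhatIf / -Confirm, so the change can be previewed
    # before it reaches users' devices.
    [CmdletBinding(SupportsShouldProcess)]
    param()

    $nonCompliant = @(Get-SimplePasswordFinding | Where-Object { -not $_.Compliant })
    foreach ($finding in $nonCompliant) {
        if ($PSCmdlet.ShouldProcess($finding.Policy, 'Set AllowSimplePassword to $false')) {
            Set-MobileDeviceMailboxPolicy -Identity $finding.Identity -AllowSimplePassword $false
        }
    }
}

# 1. Report the current state of every policy.
Get-SimplePasswordFinding | Format-Table Policy, IsDefault, AllowSimplePassword, Compliant -AutoSize

# 2. Preview which policies would be changed, without changing anything.
Set-SimplePasswordDisabled -WhatIf

# 3. After review, apply the change and confirm nothing non-compliant remains.
# Set-SimplePasswordDisabled
# Get-SimplePasswordFinding | Where-Object { -not $_.Compliant }
```

Step 3 is left commented out so that the preview in step 2 can be reviewed against the BYOD considerations in the note above before any policy is modified.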
Default Value:
True