Question

You have an Azure AD tenant named contoso.com that contains a user named Ben Smith.

You configure a Password protection for contoso.com that includes the following Custom banned passwords settings:
Enforce custom list: Yes
Custom banned password list: Contoso
Which password can be used by Ben Smith?
o c0nt0s0123
o contoso123
o conto123so
o fgrs01

Answer 1

Ben Smith can use the password 'fgrs01' for his Azure AD account on contoso.com, as it doesn't contain the banned word 'Contoso' or any of its variations. Passwords that closely resemble the banned word are prohibited by the custom banned password list settings.

Step-by-step explanation:

The question pertains to which password Ben Smith can use for an Azure AD tenant named contoso.com, which has a custom banned password list with 'Contoso' included in it. As per the custom banned password settings, any password containing the word 'Contoso' or any derivative formed by replacing characters with visually similar symbols or numbers (e.g., 'c0nt0s0') would be banned. Therefore, the password fgrs01 is appropriate for use by Ben Smith because it does not contain the word 'Contoso' or any variation of it as per the set rules.

Passwords such as 'c0nt0s0123', 'contoso123', and 'conto123so' are based on the banned word 'Contoso' and thus would be rejected by Azure AD's password protection system. The custom banned password list aims to prevent easy-to-guess passwords that could compromise the security of the user's account.