Configure complexity requirements for passwords in Azure Active Directory B2C

Azure Active Directory B2C (Azure AD B2C) supports changing the complexity requirements for passwords supplied by an end user when creating an account. By default, Azure AD B2C uses Strong passwords. Azure AD B2C also supports configuration options to control the complexity of passwords that customers can use.

Password rule enforcement

During sign-up or password reset, an end user must supply a password that meets the complexity rules. Password complexity rules are enforced per user flow. It is possible to have one user flow require a four-digit PIN during sign-up while another user flow requires an eight-character string during sign-up. For example, you may use a user flow with different password complexity for adults than for children.

Password complexity is never enforced during sign-in. Users are never prompted during sign-in to change their password because it doesn't meet the current complexity requirement.

Password complexity can be configured in the following types of user flows:

  • Sign-up or Sign-in user flow
  • Password Reset user flow

Configure password complexity

  1. Sign in to the Azure portal.
  2. Select the Directory + Subscription icon in the portal toolbar, and then select the directory that contains your Azure AD B2C tenant.
  3. In the Azure portal, search for and select Azure AD B2C.
  4. Select User flows.
  5. Select a user flow, and click Properties.
  6. Under Password complexity, change the password complexity for this user flow to Simple, Strong, or Custom.

Comparison chart

| Complexity | Description |
|------------|-------------|
| Simple | A password that is 8 to 64 characters long. |
| Strong | A password that is 8 to 64 characters long. It requires 3 out of 4 of lowercase, uppercase, numbers, or symbols. |
| Custom | This option provides the most control over password complexity rules. It allows configuring a custom length. It also allows accepting number-only passwords (PINs). |

Custom options

Character Set

Allows you to accept digits only (PINs) or the full character set.

  • Numbers only allows only digits (0-9) when entering a password.
  • All allows any letter, number, or symbol.

Length

Allows you to control the length requirements of the password.

  • Minimum Length must be at least 4.
  • Maximum Length must be greater than or equal to the minimum length and can be at most 64 characters.

Character classes

Allows you to control the different character types used in the password.

  • 2 of 4: Lowercase character, Uppercase character, Number (0-9), Symbol ensures the password contains at least two character types. For example, a number and a lowercase character.

  • 3 of 4: Lowercase character, Uppercase character, Number (0-9), Symbol ensures the password contains at least three character types. For example, a number, a lowercase character, and an uppercase character.

  • 4 of 4: Lowercase character, Uppercase character, Number (0-9), Symbol ensures the password contains all four character types.

    Note

    Requiring 4 of 4 can result in end-user frustration. Some studies have shown that this requirement does not improve password entropy. See NIST Password Guidelines.
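The Simple, Strong, and Custom rules above can be modeled as a small policy checker, for example to test which candidate passwords a planned user flow configuration would accept before changing it in the portal. This is an added example, not Azure AD B2C code: `PasswordPolicy`, `character_classes`, and `violations` are hypothetical names, and treating every character that is not an ASCII letter or digit as a symbol is an assumption.

```python
import string
from dataclasses import dataclass

@dataclass(frozen=True)
class PasswordPolicy:            # hypothetical name, not a B2C API
    min_length: int = 8
    max_length: int = 64
    digits_only: bool = False    # Character Set: "Numbers only" vs "All"
    required_classes: int = 0    # 0 = no class rule, else 2, 3 or 4 (of 4)

    def __post_init__(self):
        # Limits the page states for the Custom option.
        if self.min_length < 4:
            raise ValueError("Minimum Length must be at least 4")
        if not self.min_length <= self.max_length <= 64:
            raise ValueError("Maximum Length must be >= minimum and <= 64")
        if self.required_classes not in (0, 2, 3, 4):
            raise ValueError("character classes: 2, 3 or 4 of 4")
        # Assumption of this example: a PIN policy cannot also demand classes.
        if self.digits_only and self.required_classes:
            raise ValueError("numbers-only excludes a character-class rule")

def character_classes(password):
    """Return the set of the four classes present in the password."""
    found = set()
    for ch in password:
        if ch in string.ascii_lowercase:
            found.add("lowercase")
        elif ch in string.ascii_uppercase:
            found.add("uppercase")
        elif ch in string.digits:
            found.add("number")
        else:
            found.add("symbol")  # assumption: everything else is a symbol
    return found

def violations(password, policy):
    """Return the names of the rules the password breaks (empty = accepted)."""
    broken = []
    if not policy.min_length <= len(password) <= policy.max_length:
        broken.append("length")
    if policy.digits_only and not all(c in string.digits for c in password):
        broken.append("character set")
    if len(character_classes(password)) < policy.required_classes:
        broken.append("character classes")
    return broken

SIMPLE = PasswordPolicy()                       # 8 to 64 characters
STRONG = PasswordPolicy(required_classes=3)     # 8 to 64 characters, 3 of 4
PIN4 = PasswordPolicy(min_length=4, max_length=4, digits_only=True)
```

Because complexity is enforced per user flow and never at sign-in, a checker like this only describes what sign-up and password reset would accept; existing passwords that predate a stricter policy remain valid.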