This will occur only when users try to change or reset their password. At that time, the system will insist on a stronger password. Note that a list of banned passwords of easy-to-detect words will also be in place. For example, if you try to change your password to Ottawa, Geegee or uoCampus, you will receive a message like: “Unfortunately, you can't use that password because it contains words or characters that have been blocked by your administrator. Please try again with a different password”.
This initiative is part of a larger program to strengthen the security posture of the University. The improvements also include tactics such as changing MFA security controls, reviewing password policies, changing how long user sessions are valid, etc. Enhancing these security controls will help reduce the risk of cybersecurity incidents such as accounts being compromised, or large phishing campaigns being sent to the community. More details will be provided over the next few months.
The M365 Security Hardening project will introduce a series of changes to the Microsoft 365 environment and is expected to finish this phase in April 2024. Malicious attempts can only be thwarted through a concerted effort which includes the user community. Security is everyone’s responsibility.