There are certain things we admins need to unlearn 👀 when we move to the cloud. Account lockout is one such thing 👇

The old account lockout was not very smart 😉.

It locked out the entire user account when incorrect attempts were made which resulted in the legitimate user being locked out of their email and all other apps.

Entra ID's smart lockout on the other hand blocks just the attempts coming from the endpoint that is trying to sign in with the wrong password. The legitimate user is not impacted and can remain productive.

What this means is the settings you used on-prem for account lockout don't carry over directly to the cloud.

For example, if the first sign-in after a lockout period has expired also fails, the account locks out again. If an account locks repeatedly, the lockout duration increases in Entra ID.

Note: While smart lockout doesn't guarantee that a genuine user is never locked out. When smart lockout locks a user account, it tries its best to not lock out the genuine user. 

You know the best part is that Smart Lockout is enabled by default in ALL Entra ID tenants, even the FREE ones 😘

Do you still suffer from account lockouts when you change passwords? Move to Entra ID for a much better experience.

Did you enjoy this post? Please like and repost to share with others. Thanks 🙏

Learn more at https://learn.microsoft.com/en-us/entra/identity/authentication/howto-password-smart-lockout