From e693186d6e676e66bbed5999fbdf664386693a30 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Thu, 22 Oct 2020 10:47:19 +0500 Subject: [PATCH] Update maximum-password-age.md --- .../security-policy-settings/maximum-password-age.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md index 2e2b5f172a..0f92c2bbd8 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md @@ -39,6 +39,9 @@ The **Maximum password age** policy setting determines the period of time (in da Set **Maximum password age** to a value between 30 and 90 days, depending on your environment. This way, an attacker has a limited amount of time in which to compromise a user's password and have access to your network resources. +> [!NOTE] +> Security baseline recommended by Microsoft doesn't contain the password-expiration policy, as this mitigation is less effective than modern ones. However, companies that didn't implement Azure AD Password Protection, multifactor authentication or other modern mitigations of password-guessing attacks, should leave this policy effective. + ### Location **Computer Configuration\\Windows Settings\\Security Settings\\Account Policies\\Password Policy**
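Review bot: the added `> [!NOTE]` sits directly under the unchanged "Set **Maximum password age** to a value between 30 and 90 days" recommendation, so the page now gives two pieces of guidance without saying plainly which one applies when. Suggest leading the note with the condition, so that it reads as a qualifier on the best practice rather than a contradiction of it: organizations that have not deployed Azure AD Password Protection, multifactor authentication or comparable mitigations keep the 30 to 90 day value, and the others follow the baseline. The wording also needs a pass. "Security baseline recommended by Microsoft" is missing its article and does not say which baseline is meant, so a link or a version would help. "Modern ones" never names the mitigations being compared. The comma before "should leave" splits the subject from its verb. "Should leave this policy effective" would be clearer as "should keep this policy in effect".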