Our organization wants to be able to enforce strong passwords beyond what is currently available using domain-level password policy. For example, we would like to filter out dictionary words, and prevent users from simply incrementing a number in their password each time it expires. For example, we don't want people to be able to have passwords like:
"Secure25", "Secure26", "Secure27"
etc. Is there anything above and beyond domain password policies that can accomplish this? Or is there anything coming in Windows 2016 or MIM that could help? We know MFA and Passport can greatly improve security, but we still want to address the issue of weak passwords. TIA for any suggestions!