If your users are too stupid to be able to open an app every 30 days and tap a code to copy/paste it, they shouldn't have mobile access. SMS auth is better than no auth, but is ultimately a bad idea. From there she could have asked for all kinds of things to take be able to monitor or take over any of our numbers. That's how easy it is to take over a mobile plan. I literally asked them how they knew I was CisoPollo and the rep said "AP Admin said you were." I kid you not. She only had to supply our account number at the beginning of the call and they took zero steps to validate I was really the person they were supposed to get approval from. She conferenced me in, they asked "Is it OK if AP admin makes changes to your account", I said yes and they disconnected. They needed to confirm she was allowed and asked if I was available to approve the changes. The other day my AP admin was calling into Verizon to fix some billing issues. A user's 14-day period begins after their first successful interactive sign-in after enabling security defaults. After the 14 days have passed, the user can't sign in until registration is completed. Users have 14 days to register for Azure AD Multi-Factor Authentication by using the Microsoft Authenticator app. Unified Multi-Factor Authentication registrationĪll users in your tenant must register for multi-factor authentication (MFA) in the form of the Azure AD Multi-Factor Authentication.
#CHANGE SECURITY DEFAULTS OFFICE 365 HOW TO#
So, if you could tell me how to otherwise automate enforcing MFA via SMS, that would suffice.
#CHANGE SECURITY DEFAULTS OFFICE 365 MANUAL#
I'm trying to automate the new user creation process with PowerAutomate so this manual step is a roadblock to my workflow. Ultimately, I'm just trying to avoid having to go to the MFA portal ( ) to enforce MFA every time I create a new user - without having to pay to upgrade to Azure AD Premium. I do have strongly worded documentation written up to convince users to switch to the app if they so choose.
The majority of our team isn't very tech savvy so I question if they're capable of installing and understanding how to use an MFA app. It seems as though enabling Security Defaults (Azure Active Directory > Properties > Manage Security Defaults >Enable Security defaults) requires MFA through an authentication app.
0 kommentar(er)
