Tag multi-factor authentication

21/01/2021

How to Enable “Security Defaults” in Azure and Office 365

By Steve inActive Directory, Azure AD, Azure Security, Cloud & Datacenter Management, Conditional Access, Enterprise Security, Microsoft Azure, Office 365, Office Apps & Services, Office365, Security & Compliance, Security & Compliance Tag 365, Azure, Azure AD Multi-Factor Authentication, Basic Auth, Blocking legacy authentication protocols, Defaults, Legacy, MFA, Modern Authentication, MS Azure, MS365, multi-factor authentication, Office 365, Org Settings, Protecting privileged activities, Security, Security Defaults

Security Defaults in Azure Portal. IMPORTANT, SECURITY DEFAULTS IS NOT ALWAYS ENABLED BY DEFAULT. YOU MUST CHECK YOUR SETTINGS

What does Security Defaults give you? Security Defaults when enabled provide the following preconfigured security settings:

Requiring all users to register for Azure AD Multi-Factor Authentication.
Requiring administrators to perform multi-factor authentication.
Blocking legacy authentication protocols.
Requiring users to perform multi-factor authentication when necessary.
Protecting privileged activities like access to the Azure portal.

Azure Active Directory security defaults | Microsoft Docs

How do you enable? Azure Active Directory > Properties > Manage Security Defaults > Yes > Save

Useful links:

Discovering and blocking legacy auth:
Discovering and blocking legacy authentication in your Azure and Microsoft 365 subscriptions – Jussi Roine

Understanding Modern vs Legacy auth:
Understanding Modern vs. Legacy Authentication in Microsoft 365 – Ru365 (campbell.scot)