In a continuous effort to enhance security, Microsoft has begun rolling out enabled security defaults to all serviced customers globally. They stated this will begin with customers who do not have conditional access applied. With this rollout, Microsoft is requiring and enforcing multi-factor authentication (MFA) on all accounts, (users, admin, glass-break accounts, etc.) regardless of license. Users will be prompted to set up secondary authentication.

This can be disabled by removing the security defaults. This is not recommended as this will open organizations to external attacks.

What is Multi-Factor Authentication and Why Is It Being Enforced?

MFA is an extra layer of security that requires more than a password to log into an account, such as a code sent to your phone to verify the user’s identity. MFA offers a big boost of protection for user accounts against cyberattacks. Enhancing your network security with MFA can help keep your valuable data protected from cyberthreats.

What to Expect 

All users will be asked to register for MFA. Once the user is prompted for the first time, they have a 14-day grace period before they are required to finalize the setup. They will be required to use MFA each time they sign into their account in the future. Users are asked to register using the Microsoft Authenticator App.

How Users Can Set Up MFA App Authentication

If you need help communicating this to your team, feel free to use this instruction template. It will help users get set up with the Microsoft Authenticator app and receive push notifications for MFA verification.

Need help with cybersecurity?

The extra seconds it takes to use multifactor authentication to access your company systems is far better than dealing with stolen data or extended downtime, because cybercriminals leverage stolen credentials. Contact us to learn how we can help you reduce your security risk.