What is happening
The security defaults setting for any tenant using legacy authentication will be turned on by May 8, 2023. To help protect your organization, we’re always working to improve the security of Microsoft cloud services. As part of this, we’re enabling the security defaults setting in your tenant that includes multifactor authentication, which can block more than 99.9 percent of identity attacks that attempt to compromise your accounts.
You will only need to setup MFA once, and you will be prompted for MFA any time your sign-in changes, to a location that is deemed ‘risky’ or any change is made which requires re-establishing your authentication session, such as signing into a browser on a non-Azure AD joined PC or not utilizing an application/device for a time, utilizing an new application or device, upgrading or activating your Office Suite.
What is Multi-Factor Authentication
Multi-factor authentication (MFA) is a security mechanism that requires users to provide two or more forms of identification before they can access an account or service. It is also known as two-factor authentication (2FA). The first factor is typically a password or PIN that the user knows, while the second factor can be something the user has, such as a physical token or a mobile device, or something the user is, such as biometric information like a fingerprint or face scan. By requiring multiple factors of authentication, MFA provides an additional layer of security that makes it more difficult for unauthorized individuals to access sensitive information or resources. Even if a password is compromised, an attacker would still need to provide the second factor to gain access. MFA is commonly used in online banking, e-commerce, and other high-security applications to protect user accounts from hacking, phishing, and other forms of cyber-attacks.
When you log in to your account, you’ll see a message prompting you to proactively enable security defaults. If you haven’t logged in or enabled this setting when that timeframe ends, we’ll enable it for you automatically.
Recommended action
After the setting has been turned on, everyone in your organization will need to register for multifactor authentication.
To avoid any confusion, please let your users know what to expect:
- When they sign into their account, they’ll see a prompt to install the Microsoft Authenticator app—they can choose to install it and follow the steps to register their account or defer the action. After 14 days, the option to defer will disappear.
- They’ll need to follow the How to set up the Microsoft Authenticator app steps to download the app on their mobile device, and then register their account with the app.
Read complete information about the security defaults setting. If you have questions or if you need help, contact support.
Instructions on how to set it up
Please click the following YouTube video on how to setup Microsoft Multi-Factor Authentiation: How to setup Windows MFA.
The following are the instructions from Microsoft:
The Microsoft Authenticator app is a free application that can be used for two-factor authentication (2FA) on Microsoft accounts and other services that support it. Here are the steps to use the Microsoft Authenticator app:
- Download and install the Microsoft Authenticator app from your device’s app store (Google Play Store or Apple App Store).
- Open the app and sign in with your Microsoft account.
- Follow the on-screen instructions to add a new account. You can either scan a QR code or manually enter a code provided by the service you want to enable 2FA for.
- Once you’ve added the account, the app will generate a six-digit verification code every 30 seconds.
- Whenever you need to log in to the service, you will be prompted to enter the verification code displayed in the app.
- You can also enable push notifications to receive alerts on your phone whenever someone tries to log in to your account.
Note that you should always keep your device secure and use a strong, unique password in addition to the Microsoft Authenticator app for added security.
My passion is to be a positive force that empowers businesses to achieve more through technology. I have over 30 years of experience of staying a head of the curve by finding innovative ways to empower businesses with the right technology solutions to become leaders in their industry. I built CTECH as an extension of that vision. Every day, my staff work and live in the environment where anyone, anywhere, on any device, at anytime can securely access any information and communicate/collaborate with anyone.