However, at best this should be an interim solution until you are able to transition to Security Defaults or Conditional Access - all accounts without MFA represent a potential security risk as they are available with a single factor of authentication. Otherwise, if you really can't get everyone using MFA such that you can't use Security Defaults, you can use this approach to selectively enable MFA, such as on high privilege accounts - this is much better than not using MFA at all if Security Defaults doesn't work for you. If you have Azure AD Premium P1 licenses, there is no reason to use Legacy MFA - you should be using Conditional Access as it provides all the same features and flexibility but with far better support. Users are prompted for MFA on every login, regardless of what they're accessing. It allows you to enable MFA per-user and to create exceptions where necessary but is only configurable via a separate legacy web panel or PowerShell. Per-user (or legacy) MFA, as the name suggests, is no longer Microsoft's preferred option for using MFA in Microsoft 365.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |