authentication

What admins should know about the combined registration portal for Azure MFA and Self Service Password Reset

The (long) title pretty much reveals the purpose of this blog post. This one was on my to-do list for a while now, and now the combined registration portal is General Available, the time was there. In my previous MFA related blogs, I always encouraged my readers to turn on the combined registration portal, even when it was in public preview. But if you start using this portal, there are quite some settings that can change the user experience of… 

Microsoft Secure Score Series – 06 – Enable policy to block legacy authentication

Today, most compromising sign-in attempts come from legacy authentication. Older office clients such as Office 2010 don’t support modern authentication and use legacy protocols such as IMAP, SMTP, and POP3. Legacy authentication does not support multi-factor authentication (MFA). Even if an MFA policy is configured in your environment, bad actors can bypass these enforcements through legacy protocols. In this blog post, we take a look at legacy authentication and how to block it on your tenant. Legacy protocols are not…