Forum Discussion
All users receive "Your organization needs more information to keep your account secure" when logon
- Feb 11, 2020
Thank you for the hint.
Finally solved by:
Azure Active Directory > Properties
Manage security defaults
set Enable security defaults to No
SimBur2365
None of your suggestions make any sense for my scenario. I can't login to Teams with MY account even though I'm the org admin. We don't use Exchange online, we have Exchange on prem. I already have 2FA enabled for my account. After approving in the MS authenticator app I get the message "Your organization needs more information to keep your account secure."
Well, what f***** information does it want?
d_logaan you just told me the problem... you are using an admin account for your day to day use. Create yourself a could-only account email address removed for privacy reasons. This doesn't need to be licensed. Give it a 32+ character password. Assign only the admin roles you need (not Global Admin). Create a browser profile in edge or chrome so you can easily switch to that account when required for admin tasks. Now create an emergency admin account (two even better)... with 64+ character passwords and save them in a password vault or similarly secure location. Only use those when you must have Global Admin rights to perform a task (this will not be very often).
Now remove any admin roles from your day to day account so that if you get compromised they can't highjack your entire tenant.
If you don't want to do that then go to https://myaccount.microsoft.com and register another couple of methods like SMS and Email.
Cheers 😃
PS - IMO it's becoming a no-brainer to go for Business Premium for up to 300 users, or an AD Premium add-on for more than 300. Having the granular control over these settings is worth it, and you get full Defender Antivirus, phishing and DLP protection etc. Appreciate that may not fit your scenario for some reason.