Forum Discussion
Security Defaults and MFA
One of the aims of security default was easy basic security enablement with much IT involvement, you just need to check one check box to enable but please read it carefully for any protection impact to users:
Thanks. I read through that. I went ahead and enabled security defaults since on 2/1/23 I had a Microsoft Azure popup that it would be automatically enabled in 13 days. I believe I also read one of the admin alerts that said that would be coming.
I thought where I administer MFA would change.
I also thought a couple months ago it noted I had to disable MFA in the legacy admin (under Users / Active Users / MFA at the top) before I control under Azure with Secuirty Defaults, but I cannot find that reference so I might be mistaken
In the article it notes the below.
Disabled MFA status
If your organization is a previous user of per-user based Azure AD Multi-Factor Authentication, don't be alarmed to not see users in an Enabled or Enforced status if you look at the Multi-Factor Auth status page. Disabled is the appropriate status for users who are using security defaults or Conditional Access based Azure AD Multi-Factor Authentication.
Mine Still shows Enforced under Users / Active Users / MFA at the top.