Forum Discussion

Carl1959's avatar
Carl1959
Copper Contributor
Feb 28, 2026

How to disable Microsoft Defender sign-in prompt.

We're using the default Microsoft Defender in Win 11 Pro on workstations on a domain network. On this network, access to things like OneDrive are just flat out not allowed for security reasons. User's can log in to things like the MS Store, Google accounts, etc. Every time a user logs on using their domain credentials they get a popup from the Microsoft Defender icon in the systray informing them they need to sign in for "best protection". Since they're not permitted to use "any" remote sites for things like data storage there is no need for them to sign in to "ANYTHING" remote. Presently the buttons present on the popup are "Sign In" and "Dismiss".  Per a GPO setup they flat out can't sign in even if they tried. But is there a way in GPO to completely eliminate this popup appearing? I've looked in GPO settings for Defender for both computer and user, but there's nothing that jumps out at me to indicate I can do this without totally and completely disabling Microsoft Defender entirely. TIA.
 - Carl

security

4 Replies

  • Treysil's avatar
    Treysil
    Iron Contributor
    Mar 09, 2026

    You're facing a common challenge in managed environments: balancing security requirements with user experience. The popup you're seeing is specifically tied to Microsoft Defender's cloud-delivered protection (formerly MAPS - Microsoft Active Protection Service), which encourages users to sign in to access enhanced cloud-based security features .

  • Jabarinni's avatar
    Jabarinni
    Copper Contributor
    Mar 04, 2026

    The popup is related to Microsoft Defender's cloud protection and telemetry features that prompt users to sign in. Disabling certain Defender features can prevent these prompts without turning off real-time protection.

    • Carl1959's avatar
      Carl1959
      Copper Contributor
      Mar 05, 2026

      For me to go around to 70-80 workstations throughout the complex is unrealistic in the work environment. Would help best to know how and what to disable via GPO. I've tried several different things and none of them has worked. Just to clarify if necessary, every time a user logs on they get a balloon type popup from the Windows Defender icon in the systray telling them they need to log in with their online account. This isn't permitted for security reasons I can't go into. All I want to do is get rid of the annoying popup that occurs every time a user logs on to the workstation. Thanks.