Set 2FA NOT to accept older apps

Hi

 

How can I set 2FA NOT to accept older apps?

 

I read that this could be possible but how exactly?

2 Replies

Livo,

Guessing you are asking about blocking those older apps that don't support modern authentication.

 

This can be done by leveraging Intune and Conditional Access. There are two different scenarios based on whether you are using ADFS or not. I would start here - https://docs.microsoft.com/en-us/intune/app-modern-authentication-block.

 

That article contains two links, one on how to set it up for ADFS and another on how to set it up using Azure AD Conditional Access.

 

If you are just looking to force all users to use 2FA to authenticate, that can also be done with Conditional Access in MFA by setting a policy where they can only connect if using 2FA.

 

Just be aware, both of these also require some additional licensing with one of the Enterprise Mobility + Security SKUs for Office 365 if you don't already have it.

 

Hope that helps

You can actually use CA to block legacy auth across the board now, so no need for anything else: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/conditions#legacy-authent...
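An added example, not part of the replies above and not Microsoft's code: a small audit that checks whether an exported set of Conditional Access policies actually blocks legacy authentication across the board. It assumes the policies are JSON in the shape of Microsoft Graph `conditionalAccessPolicy` objects; the function names, the sample policies and the `<break-glass-account-id>` placeholder are constructed for illustration.

```python
import json

LEGACY_CLIENT_TYPES = {"exchangeActiveSync", "other"}  # Graph values for legacy-auth clients

# Constructed sample export, shaped like Microsoft Graph conditionalAccessPolicy objects.
SAMPLE_POLICIES = json.loads("""
[
  {"displayName": "Block legacy auth (pilot)", "state": "enabledForReportingButNotEnforced",
   "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": []},
                  "applications": {"includeApplications": ["All"]},
                  "clientAppTypes": ["exchangeActiveSync", "other"]},
   "grantControls": {"operator": "OR", "builtInControls": ["block"]}},
  {"displayName": "Block legacy auth", "state": "enabled",
   "conditions": {"users": {"includeUsers": ["All"], "excludeUsers": ["<break-glass-account-id>"]},
                  "applications": {"includeApplications": ["All"]},
                  "clientAppTypes": ["exchangeActiveSync", "other"]},
   "grantControls": {"operator": "OR", "builtInControls": ["block"]}}
]
""")

def audit_policy(policy):
    """Return the reasons this policy does not block legacy auth for everyone."""
    cond = policy.get("conditions") or {}
    users = cond.get("users") or {}
    apps = cond.get("applications") or {}
    grant = policy.get("grantControls") or {}
    gaps = []
    if policy.get("state") != "enabled":  # report-only or disabled policies block nothing
        gaps.append("not enforced (state=%s)" % policy.get("state"))
    if "block" not in (grant.get("builtInControls") or []):
        gaps.append("grant control is not 'block'")
    types = set(cond.get("clientAppTypes") or [])
    if "all" not in types and LEGACY_CLIENT_TYPES - types:
        gaps.append("legacy client types not targeted: %s" % sorted(LEGACY_CLIENT_TYPES - types))
    if "All" not in (users.get("includeUsers") or []):
        gaps.append("does not include all users")
    if "All" not in (apps.get("includeApplications") or []):
        gaps.append("does not include all cloud apps")
    excluded = (users.get("excludeUsers") or []) + (users.get("excludeGroups") or [])
    if excluded:  # exclusions are expected (emergency accounts) but should be reviewed
        gaps.append("exclusions to review: %d" % len(excluded))
    return gaps

def legacy_auth_blocked(policies):
    """True if some enforced policy blocks legacy auth for all users and apps."""
    return any(all(g.startswith("exclusions") for g in audit_policy(p)) for p in policies)

if __name__ == "__main__":
    for p in SAMPLE_POLICIES:
        print(p["displayName"], "->", audit_policy(p) or "blocks legacy auth for everyone")
```

Accounts listed under exclusions can still sign in with legacy protocols, so that list is the first thing to check once the policy is enforced.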