Oct 15 2020
- last edited on
Feb 19 2021
Thank you in advance for taking a look at my case.
I've gotten the project to upgrade the security at our company, therefor have I started to implement MFA. The company has 200~ users world-wide, so that isn't done within a day. Therefor have I started to enforce MFA for the administrators. Unfortunately do I not get all the points for it? So when I took a second look at it I saw that we have 6 out of 10 administrator users that have MFA enforced, well all our IT guys have MFA enforced 3 weeks ago so that isn't it. So with an powershell script did I output all the administrators and came across these accounts for the sync, are these the accounts I have been looking for? And how do I use MFA on sync accounts? With app passwords?
Pleas let me know what the most secure way to do is.
Oct 15 2020 09:29 AMSolution
Those look like the service principal objects for the corresponding service, you cannot enforce MFA there. But I wouldnt worry about the secure score too much, it has been known to "lag" or even show incorrect data at times.