Dec 13 2017 08:55 AM
MFA is enabled via Azure AD conditional access policies, but it seems like secure score is not recognizing that MFA is enabled via Azure AD conditional access policies and still indicates that MFA is not enabled and the update page in secure score takes you to the O365 portal to enable MFA for users.
Jan 03 2018 07:50 AM
Can anyone confirm if this is an issue with Secure score and if this will be fixed?
Jan 08 2018 03:06 PM
Hi Lavanya,
At this point Secure Score does not support conditional access scenarios for MFA. I have asked the team to add this to the backlog of controls we should support.
Sorry for the delay in getting back to you.
Apr 11 2018 08:10 AM
Is there anything like a roadmap item or something similar. It kind of messes up the whole "gamification" aspect, that this essential control doesn't score 🙂
Apr 20 2018 07:32 AM
Hi Philip,
Conditional access support for MFA is on our backlog of items we are looking into. I don't have any dates to share on this yet though.
Jun 06 2018 02:08 PM
I enabled MFA for all my users in the O365 Admin center four days ago and still haven't gotten the score for doing so. Half of my users have not logged in yet, so their status is still Enabled and not Enforced. I am not sure if they have to be Enforced for Secure Score to recognize it?
Jan 09 2019 07:11 AM
Any update to Conditional Access being reflected in Secure Score. I have several of my clients asking about this now as that the direction is to use Conditional Access over manually enabling MFA now. This issue has been recognized for a year now and I am looking for updates to provide our clients.
Thanks,
Aug 29 2019 12:06 PM
Any news on this @Anthony Smith (A.J.)
Our secure score is lacking many points, due to conditional access mfa is NOT recognized in Secure Score. please fix asap !!
Sep 24 2019 12:52 PM
Hello @Anthony Smith (A.J.), is there an update on this? We are a Microsoft Partner and CSP. There was a new requirement that came into effect Sept. 1st for all MPN Members to have MFA enabled across their tenant and CSP customers. We are now getting reports from Microsoft that tell us we are not in compliance with this new ruling even though we have MFA enabled for all of our clients in our tenant. Upon looking into it further, when we look in our customer's tenants in the AAD where we have some guest accounts to manage the client's Azure environment, their Azure Secure Score is reporting that our guest accounts do not have MFA enabled, but they do in our tenant. Is there a resolution for this as it sounds like it's related to the conditional access MFA mentioned in this thread. Thank you.
Jan 09 2018 07:23 AM
SolutionThanks for the confirmation.