User Profile
JonasBack
Iron Contributor
Joined 10 years ago
User Widgets
Recent Discussions
Re: E-mail encryption OME Support Req OTP Read E-mail internal Org Microsoft365 ?
There is no need to send an OTP when someone in your organization or any other organization with Microsoft 365 since the USER opening the e-mails is authenticated as the user. OTP via email is only used as a last resort if the user can't be authenticated in other ways.848Views0likes0CommentsRe: Anti-spam inbound policy working differently without intervention
Could it be Announcing New DMARC Policy Handling Defaults for Enhanced Email Security? https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-new-dmarc-policy-handling-defaults-for-enhanced-email/ba-p/38788831.2KViews0likes4CommentsRe: Report Message Add-in going away?
Dhairyya_Agarwal Any news on the ETA on this? I just notice that if I reported a message using the built-in reporting mechanism on Outlook Desktop on Windows it turned up ni the security.microsoft.com > Actions & Submissions > Submissions > User reported so maybe we're getting close in not needing the Report Message Add-in anymore?2.9KViews0likes1CommentRe: Azure AD Identity Protection Weekly Digest - Change to Daily
Create notification alert for Incidents in security.microsoft.com > Incidents. By default High risk Identity Protection alerts will turn up in this queue but you can change this to also include lower risks: https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/identity-protection-alerts-now-available-in-microsoft-365/ba-p/36609972.1KViews0likes1CommentRe: Azure B2B account accessing Exchange365 Shared Mailbox
Not possible to do this: https://learn.microsoft.com/en-us/microsoft-365/admin/email/about-shared-mailboxes?view=o365-worldwide ” External users: You can't give people outside your business (such as people with a Gmail account) access to your shared mailbox.”6.2KViews0likes4CommentsRe: Microsoft Authenticator App - restore on new phone?
If you allow SMS/Phone Call they can sign in using this method. If you ONLY allow Microsoft Authenticator the user needs to call the helpdesk to get their MFA methods reset and add a new Microsoft Authenticator on a new phone they get from somewhere. Of course, there are other alternatives too like FIDO2, Softeare/hardware OATH tokens but that is additional stuff.8.3KViews1like1CommentRe: Microsoft Authenticator App - restore on new phone?
Also, Work Accounts are never completely backed up/restored. They need to approve the account sign in from the old phone or alternative method. I assune this is a security decision so that MFA methods for work accounts are not stord in iCloud for example for iOS devices.8.3KViews1like3CommentsRe: Is it good (or best) practice to exclude your office IP address from MFA requirements?
I think you should always require MFA even if coming from your IP. If you do MFA right you shouldnt be bothered by MFA authentication requests very often. The default is a rolling 90 days Window so as long you’re active more often than that you shouldn’t need to MFA often….2.3KViews1like0CommentsRe: No workaround for Authenicator 2FA being required, but Authenticator not a viable option.
I don’t know how you can’t get help over the phone. I called them this week helping a customer that forgot their username to sign in and I successfully got help over the phone. It took a few calls to prove we actually were the owner of the tenant (which I like… they shouldnt trust anyone with that :)) but I got help at least - no Authenticator needed.2.4KViews0likes1Comment
Recent Blog Articles
No content to show