The security defaults setting for your xxxxx tenant will be turned on by May 8, 2023

Question

The security defaults setting for your xxxxx tenant will be turned on by May 8, 2023

abel.alvarez 21

I see MS is going to activate this automatically. Are we being forced to use this setting? Or can we disable / revert so that our users who cannot use MFA can still get access?

Thank you in advance!

Associação Congregação de Santa Catarina 0 Reputation points

2024-06-05T16:27:20.9366667+00:00

Hi @abel.alvarez . Please, I have the same issue and it is near ho happen. Could you disable after MS has enabled it?

Thank you.
MZ123 20 Reputation points

2024-06-05T16:53:45.6233333+00:00

Yes, you can.

Accepted answer

3 additional answers

Your answer

Associação Congregação de Santa Catarina 0 Reputation points

2024-06-05T16:27:20.9366667+00:00

Hi @abel.alvarez . Please, I have the same issue and it is near ho happen. Could you disable after MS has enabled it?

Thank you.
MZ123 20 Reputation points

2024-06-05T16:53:45.6233333+00:00

Yes, you can.

Answer 1

JamesTran-MSFT 36,911 Microsoft Employee Moderator

@abel.alvarez

Thank you for your post!

When it comes to the email that you received, I found some similar internal issues and have reached out to the MFA Product Team to confirm if this is a forced feature or if this can be disabled.

In the meantime, on May 8th, if your tenant isn't leveraging Security Defaults, Conditional Access Policies, etc..., the Security Defaults feature will be enabled automatically. However, from my understanding after this is enabled, you should still be able to disable Security Defaults, so that your users who can't use MFA can still get access to your Azure AD tenant.

User's image

I hope this helps!

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

Additional Links:

Emergency access accounts - In addition to the recommended action(s), I'd also make sure you have emergency accounts to prevent being locked out of your Azure tenant.
Raising the Baseline Security for all Organizations in the World

If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.

JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2023-05-02T19:01:59.72+00:00

@abel.alvarez

Thank you for your time and patience on this!

I received a response from our Product Group and it's possible to disable Security Defaults after it's enabled. However, since we're always working to improve the security of Microsoft cloud services, if you aren't leveraging CA Policies, Security Defaults, etc., to protect your tenant, you'll receive this email again in the future.

I hope this helps!

If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
abel.alvarez 21 Reputation points

2023-05-03T16:28:40.23+00:00

Thank you very much. I appreciate the information from both responders, especially this one with all of the detail .

Appreciate it!

Answer 2

TP 126.2K Volunteer Moderator

Hi,

Yes, you can disable Security Defaults if you need to.

If the above is useful please click Accept Answer.

Thanks.

-TP

abel.alvarez 21 Reputation points

2023-05-03T16:27:30.5266667+00:00

Thank you!
TP 126.2K Reputation points Volunteer Moderator

2023-05-03T18:55:31.0966667+00:00

@abel.alvarez You are welcome. I was able to give you the correct answer within 5 minutes after you asked the question because I have actual first-hand experience dealing with this with my own plus client subscriptions auto-enabling security defaults earlier this year.

Note: Security defaults could always be disabled since it is required to be disabled in order to use Conditional Access, which is preferred where possible.

Answer 3

Hasan Tan 1

Why are tenants that have conditional access policies in place receiving this notification? is this in error?

Answer 4

MZ123 20

@abel.alvarez , @TP can you, please, share your expierence with this?

Can you disable Security Defaults after it is enabled automatically or manually?

And after disabling it, will admin account succesufully login to admin portal? No more pop up messages saying that you must enable security defaults?

I cannot login to admin portal now, because pop up message is telling that I must enable Security Defaults, cant even skip.

We are not ready for forced MFA for all users. (free Azure Ad, using per user MFA for some users)

Associação Congregação de Santa Catarina 0 Reputation points

2024-06-05T16:01:51.9433333+00:00

Hi @MZ123 , I have exatly the same problem. Can you help me saying how was your experience with this? Was the security defaults really enabled? Were you able to disable it later?

Thank you.

Share via

The security defaults setting for your xxxxx tenant will be turned on by May 8, 2023

3 additional answers

Your answer