25,148 questions
No, the already registered accounts will be able to just use MFA, as needed. Whether/when they will be prompted for MFA depends on what you configure within Conditional access.
Effects of turning off Security Defaults
Jim Goyette
26
Reputation points
We turned on Azure AD Security Defaults about a week ago but now need to turn it off and configure conditional access policies for MFA. About half of our accounts have registered for MFA authentication. Will our already registered accounts need to re-register after turning off Security Defaults and enabling conditional access policies? Will MFA authentication be enforced immediately after enabling conditional access policies or will there be a delay as with Security Defaults implementation?
Microsoft Security | Microsoft Entra | Microsoft Entra ID
{count} vote
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2024-05-06T11:19:33.3466667+00:00 Security Defaults already enabled for our organization users, but now we should test Conditional Access on certain users. My question is if we disable Security Defaults, will MFA also be disabled?
Sign in to comment
Accepted answer
-
Vasil Michev 119.7K Reputation points MVP Volunteer Moderator2022-08-03T07:36:09.37+00:00
1 additional answer
Sort by: Most helpful
-
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator2022-08-08T20:47:12.747+00:00 @Jim Goyette
Thank you for your post and I apologize for the delayed response!Will our already registered accounts need to re-register after turning off Security Defaults and enabling conditional access policies?
- Adding onto what @Vasil Michev mentioned, the users that have already registered for MFA when you had Security Defaults enabled won't have to re-register authentication methods.
Additional Links:
Security defaults in Azure AD
Conditional Access
Create a Conditional Access policy---------------------------------
Will MFA authentication be enforced immediately after enabling conditional access policies or will there be a delay as with Security Defaults implementation?
- Once you create your Conditional Access policy and activate that policy; as mentioned by michev, depending on what you've configured (apps, users, location, etc.) this will depend on when users are prompted for MFA.
Additional Links:
Test Azure AD Multi-Factor Authentication
Plan a Conditional Access deployment
Conditional Access: Require MFA for all users
Manage emergency access accounts in Azure ADIf you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.