Large amount of attempted BAV2ROPC sign in

Hlynur Þór Gunnarsson 0 Reputation points
2023-03-16T10:49:53.12+00:00

So in our enviroment we are enforcing MFA on users and also have legacy protocol sign in blocked.

We are seeing a lot of BAV2ROPC sign in attempts that are marked as failure. Just curious if the failure status is meaning the same thing as blocked because I see that they are getting an Error code 50053 which is for incorrect user ID or password.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,514 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JamesTran-MSFT 36,536 Reputation points Microsoft Employee
    2023-03-20T23:09:20.6+00:00

    @Hlynur Þór Gunnarsson

    Thank you for your post and I apologize for the delayed response!

    When it comes to your BAV2ROPC sign in attempts being marked as failure, can you share where you're seeing this - are you seeing these failures within the Azure AD Sign-in logs? If so, when it comes to the sign-in attempt(s) being marked as Failure (Success, Failure, or Interrupted), this wouldn't be the same thing as Blocked since this term would relate to a Conditional Access Policies grant control. For more info - Common Conditional Access policy: Block legacy authentication.

    User's image

    I hope this helps!

    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.


    Additional Links:


    If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.

    1 person found this answer helpful.