Large amount of attempted BAV2ROPC sign in

Hlynur Þór Gunnarsson 0 Reputation points

So in our enviroment we are enforcing MFA on users and also have legacy protocol sign in blocked.

We are seeing a lot of BAV2ROPC sign in attempts that are marked as failure. Just curious if the failure status is meaning the same thing as blocked because I see that they are getting an Error code 50053 which is for incorrect user ID or password.

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,635 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JamesTran-MSFT 27,841 Reputation points Microsoft Employee

    @Hlynur Þór Gunnarsson

    Thank you for your post and I apologize for the delayed response!

    When it comes to your BAV2ROPC sign in attempts being marked as failure, can you share where you're seeing this - are you seeing these failures within the Azure AD Sign-in logs? If so, when it comes to the sign-in attempt(s) being marked as Failure (Success, Failure, or Interrupted), this wouldn't be the same thing as Blocked since this term would relate to a Conditional Access Policies grant control. For more info - Common Conditional Access policy: Block legacy authentication.

    User's image

    I hope this helps!

    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.

    Additional Links:

    If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.