What happens on October 1 when Microsoft turns on security defaults to clients that have Per User MFA (Office 365) enforced?

Question

What happens on October 1 when Microsoft turns on security defaults to clients that have Per User MFA (Office 365) enforced?

Luth Jack 46

We have E1 and E3 users that have per user mfa enabled on their accounts. What happens to these accounts on October 1 2022 when security defaults are turned on for everyone?

Carlos Solís Salazar 18,376 Reputation points MVP

2022-09-08T20:39:15.8+00:00

Can you share the reference of your research?
Luth Jack 46 Reputation points

2022-09-08T21:13:32.127+00:00

This answer conflicts with what I have been told by Office 365 support providers. I have been told that they were disabling basic authentication and turning on modern authentication with security defaults for all Office 365 accounts. Once security defaults has been turned on, all per user mfa clients in Office 365 will need to re-register. Is this not correct?
Dillon Silzer 60,836 Reputation points Volunteer Moderator

2022-09-08T21:47:02.683+00:00

You are probably referring to the following table, which enabling security defaults is one way to deal with turning off basic authentication.

https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#what-if-i-want-to-block-basic-authentication-now

Answer accepted by question author

0 additional answers

Your answer

Carlos Solís Salazar 18,376 Reputation points MVP

2022-09-08T20:39:15.8+00:00

Can you share the reference of your research?
Luth Jack 46 Reputation points

2022-09-08T21:13:32.127+00:00

This answer conflicts with what I have been told by Office 365 support providers. I have been told that they were disabling basic authentication and turning on modern authentication with security defaults for all Office 365 accounts. Once security defaults has been turned on, all per user mfa clients in Office 365 will need to re-register. Is this not correct?
Dillon Silzer 60,836 Reputation points Volunteer Moderator

2022-09-08T21:47:02.683+00:00

You are probably referring to the following table, which enabling security defaults is one way to deal with turning off basic authentication.

https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#what-if-i-want-to-block-basic-authentication-now

Answer 1

Hi @Luth Jack

The October 1, 2022 change is the depreciation of basic authentication, not turning on MFA. This means, authentication to Exchange (Office 365) will require minimum software that provides modern authentication capabilities. Modern authentication supports MFA, but does not inherently enforce it.

The following section describes what clients have this capability:

Reference to the article https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online#outlook-mapi-rpc-and-offline-address-book-oab

------------------------------------------------

If this is helpful please accept answer.

Share via

What happens on October 1 when Microsoft turns on security defaults to clients that have Per User MFA (Office 365) enforced?

0 additional answers

Your answer