Creating an Azure AD Multi Factor Authentication Policy

The ICT Guy 0
Azure AD Multi Factor Authentication Policy

The below steps will guide you through how to setup an Azure AD Multi Factor Authentication Policy to ensure your users are kept safe from phishing attacks. If you wish to exclude a location from this policy see how here.

Login to Azure AD as a global administrator

2021 01 15 15 46 22 Home Microsoft Azure InPrivate Microsoft​ Edge

Click Security down the left hand side panel

2021 01 15 15 46 33 Venn Academy Trust Microsoft Azure InPrivate Microsoft​ Edge

Click + New policy

2021 01 15 15 48 17 Conditional Access Microsoft Azure InPrivate Microsoft​ Edge

Enter a name for your new MFA Policy

2021 01 15 16 00 53 Grant Microsoft Azure InPrivate Microsoft​ Edge

Under Assignment select users and groups and specify the Security group or users to apply the policy to. Or select All users.

2021 01 15 16 06 02 MFA Policy Microsoft Azure InPrivate Microsoft​ Edge 1

Click Access Controls

2021 01 15 16 08 29 Grant Microsoft Azure InPrivate Microsoft​ Edge

Select Grant access and tick Require multi-factor authentication

2021 01 15 16 00 59 Grant Microsoft Azure InPrivate Microsoft​ Edge

Chose to either leave the policy in report mode only for previewing the “What If” the policy was enabled or go ahead and enable the policy and click Create.

2021 01 15 16 01 09 Grant Microsoft Azure InPrivate Microsoft​ Edge

The next time user login to 365 they will be prompted to enter more information in the form of a mobile number or an enrolment into the Microsoft Authentication App.

Found priceless insights in this blog? Support the author’s creativity – buy them a coffee!

Tags: , , , ,

More

Force update Azure AD Dynamic Group membership

The ICT Guy 0
migrate azure ad connect new server 01 1

FIXED: msExchHideFromAddressLists not syncing to Office 365 via ADConnect

The ICT Guy 0
not advertising as a time server

FIXED: Group Policies not applying due to PDC not advertising as a time server

The ICT Guy 0

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

Identifying MFA-Enabled Domains

Email Security Analysis: A PowerShell Approach to Identifying MFA-Enabled Domains

The ICT Guy 0
convert unleashed to cloud

Convert ruckus unleashed to cloud in simple easy to follow steps

The ICT Guy 0
Sophos System Protection Service

FIXED: Sophos System Protection Service (SSPService.exe) has high RAM Usage when using Splashtop

The ICT Guy 0
Office 365 Distribution Group Management

Automating Office 365 Distribution Group Management with PowerShell

The ICT Guy 0
NSW ConfigEdit Wizard

Simplifying Netsweeper Configuration with the NSW ConfigEdit Wizard PHP Script

The ICT Guy 0