check before: 2023-06-15
Product:
Azure Active Directory, Entra ID
Platform:
Developer, World tenant
Status:
Change type:
Admin impact, Feature update, Updated message
Links:
Details:
Updated June 30, 2023: We have updated the rollout timeline below. Thank you for your patience.
In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations.
To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method.
[When this will happen:]
We will begin rolling out in early July (previously late June) and expect to complete by early August (previously late July).
Change Category:
XXXXXXX ...
Scope:
XXXXXXX ...
Release Phase:
Created:
2023-06-01
updated:
2023-07-01
the free basic plan is required to see all details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
changes*
| Date | Property | old | new |
| 2023-07-01 | MC Messages | Updated June 27, 2023: We have updated the rollout timeline below. Thank you for your patience.
In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations. To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method. [When this will happen:] We will begin rolling out in early July (previously late June) and expect to complete by early August (previously late July). | Updated June 30, 2023: We have updated the rollout timeline below. Thank you for your patience.
In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations. To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method. [When this will happen:] We will begin rolling out in early July (previously late June) and expect to complete by early August (previously late July). |
| 2023-07-01 | MC How Affect | Microsoft managed will be rolled out as enabled. Admins will have the control to disable the feature.
Admins can enable the feature via the admin UX in the Azure Portal or GraphAPI. For example, if a user named "John Doe" registered both SMS and Microsoft Authenticator and used SMS as the default option to sign in, the system-preferred method (Authenticator) will be presented to the user once the feature is enabled. We launched this with Microsoft-managed set to disabled. As mentioned above, we will be setting "Microsoft-managed" to enabled from the end of June 2023. While we highly encourage you to adopt this feature for your entire tenant, should you need to you can either scope the feature for a segment of your user population or disable it if necessary. The feature will ultimately be set to Microsoft-managed (enabled) for all tenants, with no option to disable it. To ensure adequate preparation time, detailed timelines will be shared by June. Deploying this feature with the rollout controls is highly encouraged to enhance security and ensure users always use the most secure authentication method first. The feature is now available from your tenant. | Microsoft managed will be rolled out as enabled. Admins will have the control to disable the feature.
Admins can enable the feature via the admin UX in the Azure Portal or GraphAPI. For example, if a user named "John Doe" registered both SMS and Microsoft Authenticator and used SMS as the default option to sign in, the system-preferred method (Authenticator) will be presented to the user once the feature is enabled. We launched this with Microsoft-managed set to disabled. As mentioned above, we will be setting "Microsoft-managed" to enabled from the first week of July 2023. While we highly encourage you to adopt this feature for your entire tenant, should you need to you can either scope the feature for a segment of your user population or disable it if necessary. The feature will ultimately be set to Microsoft-managed (enabled) for all tenants, with no option to disable it. Deploying this feature with the rollout controls is highly encouraged to enhance security and ensure users always use the most secure authentication method first. The feature is now available from your tenant. |
| 2023-07-01 | MC Last Updated | 06/27/2023 20:18:53 | 2023-06-30T17:33:11Z |
| 2023-07-01 | MC prepare | We strongly recommend that tenants enable the feature. | We strongly recommend that organizations enable this feature for all their users to improve their security posture. |
| 2023-06-28 | MC Messages | Updated June 8, 2023: We have updated the rollout timeline below. Thank you for your patience.
In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations. To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method. [When this will happen:] We will begin rolling out in late June and expect to complete by late July. | Updated June 27, 2023: We have updated the rollout timeline below. Thank you for your patience.
In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations. To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method. [When this will happen:] We will begin rolling out in early July (previously late June) and expect to complete by early August (previously late July). |
| 2023-06-28 | MC Last Updated | 06/09/2023 08:07:02 | 2023-06-27T20:18:53Z |
| 2023-06-09 | MC Messages | In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations.
To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method. [When this will happen:] We will begin rolling out in mid-July and expect to complete by mid-August. | Updated June 8, 2023: We have updated the rollout timeline below. Thank you for your patience.
In today's landscape, organizations and users utilize various authentication methods with varying levels of security. Unfortunately, users often select less secure MFA methods, even when more secure options are available. This may be due to convenience, lack of awareness, or technical limitations. To encourage the use of the strongest available method, we are introducing system-preferred authentication for MFA. This system prompts users to sign in with the most secure method they've registered and the one that's enabled by admin policy. This transition from choosing a default method to always using the most secure method will promote better security practices. If users can't use the prompted method, they can choose an alternative MFA method. [When this will happen:] We will begin rolling out in late June and expect to complete by late July. |
| 2023-06-09 | MC Title | System preferred MFA method is Generally Available | (Updated) System preferred MFA method is Generally Available |
| 2023-06-09 | MC Last Updated | 06/01/2023 03:30:34 | 2023-06-09T08:07:02Z |
| 2023-06-09 | MC Category | Stay Informed | Plan For Change |
| 2023-06-09 | MC MessageTagNames | Feature update, Admin impact | Updated message, Feature update, Admin impact |
*starting April 2022
Last updated 7 days ago
