Microsoft 365 from GoDaddy Help

What are security defaults?

Security defaults are a set of basic security measures designed to protect users in your Microsoft 365 organization from common threats like phishing and identity attacks. They include requiring multi-factor authentication (MFA) and blocking legacy authentication protocols.

Using security defaults reduces the risk of security breaches and data loss. If your business doesn’t have dedicated security staff or resources, security defaults can give you a solid security baseline without requiring a lot of configuration or management.

Make sure all users sign up for multi-factor authentication

Once you’ve turned on security defaults, your users have 14 days to register an MFA method. After 14 days, they won’t be able to sign in without an MFA method. Each user's 14-day period starts with their first successful interactive sign-in after security defaults are turned on.

During sign-in, users will be asked to use MFA.

Stop the use of legacy authentication protocols

Legacy authentication refers to requests made by clients that don't use modern authentication (like an Office 2010 client) or that use older mail protocols such as IMAP, SMTP or POP3. You might use these protocols to set up your email with a specific client or on a multi-function device like a scanner or printer.

However, most fraudulent sign-ins happen through legacy authentication, which doesn't support multi-factor authentication. Activating security defaults blocks all authentication requests from older protocols.
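An added example (not GoDaddy's or Microsoft's code) showing how an exported sign-in log could be checked for accounts that still use legacy authentication, and how each user's 14-day MFA registration deadline follows from their first successful interactive sign-in after security defaults are turned on. The CSV column names, the sample rows, the enablement time and the choice of which client app values count as modern are assumptions made for illustration.

```python
import csv
import io
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Assumption: these client app values mean modern authentication; every other
# value (IMAP4, POP3, Authenticated SMTP, ...) is treated as legacy.
MODERN_CLIENTS = {"Browser", "Mobile Apps and Desktop clients"}
MFA_GRACE = timedelta(days=14)  # registration window stated in the article

# Constructed sample data; the column names are assumptions, not a real export schema.
SAMPLE_CSV = """timestamp,user,client_app,interactive,success
2024-03-01T08:15:00,alice@example.com,Browser,true,true
2024-03-02T07:00:00,scanner@example.com,Authenticated SMTP,false,true
2024-03-03T10:30:00,bob@example.com,IMAP4,false,true
2024-03-04T12:00:00,bob@example.com,Browser,true,false
2024-03-05T09:45:00,alice@example.com,Browser,true,true
2024-03-06T14:00:00,bob@example.com,Mobile Apps and Desktop clients,true,true
2024-03-07T07:00:00,scanner@example.com,Authenticated SMTP,false,false
"""

def load_signins(text):
    """Parse the CSV into typed rows, oldest first."""
    rows = [{"time": datetime.fromisoformat(r["timestamp"]), "user": r["user"].lower(),
             "client_app": r["client_app"], "interactive": r["interactive"] == "true",
             "success": r["success"] == "true"} for r in csv.DictReader(io.StringIO(text))]
    return sorted(rows, key=lambda r: r["time"])

def legacy_auth_usage(rows):
    """Count legacy-authentication attempts per account and client app."""
    usage = defaultdict(Counter)
    for r in rows:
        if r["client_app"] not in MODERN_CLIENTS:
            usage[r["user"]][r["client_app"]] += 1
    return {user: dict(apps) for user, apps in usage.items()}

def mfa_deadlines(rows, enabled_at):
    """Deadline = first successful interactive sign-in after enablement + 14 days."""
    deadlines = {}
    for r in rows:  # rows are sorted, so the first match per user wins
        if r["interactive"] and r["success"] and r["time"] >= enabled_at:
            deadlines.setdefault(r["user"], r["time"] + MFA_GRACE)
    return deadlines

if __name__ == "__main__":
    signins = load_signins(SAMPLE_CSV)
    print("legacy auth:", legacy_auth_usage(signins))
    print("MFA due:", mfa_deadlines(signins, datetime(2024, 3, 4, 9, 0)))
```

Accounts that appear in the legacy report, such as a scanner mailbox, need a modern-authentication alternative before security defaults are turned on, because their sign-ins will be blocked afterwards.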

Verify that MFA status is disabled

If your organization previously used per-user MFA, don't worry if you see users in a Disabled status on the multi-factor authentication page. Disabled is the correct status for users using security defaults or Conditional Access-based multi-factor authentication.

Get your users ready for security defaults

We recommend letting your users know about the upcoming changes, MFA registration requirements and necessary actions. You can use Microsoft’s free email communication templates, and send them our article on setting up MFA and a link to the Security info page where they can register an MFA method.
