Merge pull request #102586 from MarileeTurscak-MSFT/patch-298

added note about modern auth

Author: PRMerger12

articles/active-directory/fundamentals/concept-fundamentals-security-defaults.md

@@ -92,6 +92,8 @@ After you enable security defaults in your tenant, any user who's accessing the
 
 If the user isn't registered for Multi-Factor Authentication, the user will be required to register by using the Microsoft Authenticator app in order to proceed. No 14-day Multi-Factor Authentication registration period will be provided.
 
+Pre-2017 Exchange Online tenants have modern authentication disabled by default. In order to avoid the possibility of a login loop while authenticating through these tenants, you must [enable modern authentication](https://docs.microsoft.com/exchange/clients-and-mobile-in-exchange-online/enable-or-disable-modern-authentication-in-exchange-online).
+
 > [!NOTE]
 > The Azure AD Connect synchronization account is excluded from security defaults and will not be prompted to register for or perform multi-factor authentication. Organizations should not be using this account for other purposes.