sync

Author: Justinha

articles/active-directory/authentication/concept-system-preferred-multifactor-authentication.md

@@ -4,7 +4,7 @@ description: Learn how to use system-preferred multifactor authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 03/02/2023
+ms.date: 03/16/2023
 ms.author: justinha
 author: justinha
 manager: amycolannino
@@ -24,6 +24,9 @@ System-preferred MFA is a Microsoft managed setting, which is a [tristate policy
 
 After system-preferred MFA is enabled, the authentication system does all the work. Users don't need to set any authentication method as their default because the system always determines and presents the most secure method they registered. 
 
+>[!NOTE]
+>System-preferred MFA is a key security upgrade to traditional second factor notifications. We highly recommend enabling system-preferred MFA in the near term for improved sign-in security. 
+
 ## Enable system-preferred MFA
 
 To enable system-preferred MFA in advance, you need to choose a single target group for the schema configuration, as shown in the [Request](#request) example. 
@@ -58,7 +61,7 @@ https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy
 
 ### Request
 
-The following example excludes a sample target group and includes all users. For more information, see [Update authenticationMethodsPolicy](/graph/api/authenticationmethodspolicy-update?view=graph-rest-beta).
+The following example excludes a sample target group and includes all users. For more information, see [Update authenticationMethodsPolicy](/graph/api/authenticationmethodspolicy-update).
 
 ```http
 PATCH https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy

articles/active-directory/authentication/howto-mfa-nps-extension.md

@@ -6,7 +6,7 @@ services: multi-factor-authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 01/29/2023
+ms.date: 03/16/2023
 
 ms.author: justinha
 author: justinha
@@ -106,21 +106,21 @@ When you install the extension, you need the *Tenant ID* and admin credentials f
 
 The NPS server must be able to communicate with the following URLs over TCP port 443:
 
-* *https:\//strongauthenticationservice.auth.microsoft.com* (for Azure Public cloud customers).
-* *https:\//strongauthenticationservice.auth.microsoft.us* (for Azure Government customers).
-* *https:\//strongauthenticationservice.auth.microsoft.cn* (for Azure China 21Vianet customers). 
-* *https:\//adnotifications.windowsazure.com*
-* *https:\//login.microsoftonline.com*
-* *https:\//credentials.azure.com*
+* `https:\//strongauthenticationservice.auth.microsoft.com` (for Azure Public cloud customers).
+* `https:\//strongauthenticationservice.auth.microsoft.us` (for Azure Government customers).
+* `https:\//strongauthenticationservice.auth.microsoft.cn` (for Azure China 21Vianet customers). 
+* `https:\//adnotifications.windowsazure.com`
+* `https:\//login.microsoftonline.com`
+* `https:\//credentials.azure.com`
 
 Additionally, connectivity to the following URLs is required to complete the [setup of the adapter using the provided PowerShell script](#run-the-powershell-script):
 
-* *https:\//login.microsoftonline.com*
-* *https:\//provisioningapi.microsoftonline.com*
-* *https:\//aadcdn.msauth.net*
-* *https:\//www.powershellgallery.com*
-* *https:\//go.microsoft.com*
-* *https:\//aadcdn.msftauthimages.net*
+* `https:\//login.microsoftonline.com`
+* `https:\//provisioningapi.microsoftonline.com`
+* `https:\//aadcdn.msauth.net`
+* `https:\//www.powershellgallery.com`
+* `https:\//go.microsoft.com`
+* `https:\//aadcdn.msftauthimages.net`
 
 ## Prepare your environment