You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/multi-factor-authentication-enforcement.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,11 +5,11 @@ ms.topic: conceptual
5
5
ms.date: 08/14/2023
6
6
---
7
7
8
-
# Manage multi-factor authentication (MFA) enforcement on your subscriptions
8
+
# Manage multi-factor authentication (MFA) on your subscriptions
9
9
10
-
If you're using passwords, only to authenticate your users, you're leaving an attack vector open. Users often use weak passwords or reuse them for multiple services. With [MFA](https://www.microsoft.com/security/business/identity/mfa) enabled, your accounts are more secure, and users can still authenticate to almost any application with single sign-on (SSO).
10
+
If you're using passwords only to authenticate your users, you're leaving an attack vector open. Users often use weak passwords or reuse them for multiple services. With [MFA](https://www.microsoft.com/security/business/identity/mfa) enabled, your accounts are more secure, and users can still authenticate to almost any application with single sign-on (SSO).
11
11
12
-
There are multiple ways to enable MFA for your Azure Active Directory (AD) users based on the licenses that your organization owns. This page provides the details for each in the context of Microsoft Defender for Cloud.
12
+
There are multiple ways to enable MFA for your Azure Active Directory (Azure AD) users based on the licenses that your organization owns. This page provides the details for each in the context of Microsoft Defender for Cloud.
13
13
14
14
## MFA and Microsoft Defender for Cloud
15
15
@@ -21,7 +21,7 @@ The recommendations in the Enable MFA control ensure you're meeting the recommen
21
21
- Accounts with write permissions on Azure resources should be MFA enabled
22
22
- Accounts with read permissions on Azure resources should be MFA enabled
23
23
24
-
There are three ways to enable MFA and be compliant with the two recommendations in Defender for Cloud: security defaults, per-user assignment, conditional access (CA) policy.
24
+
There are three ways to enable MFA and be compliant with the two recommendations in Defender for Cloud: security defaults, per-user assignment, and conditional access (CA) policy.
25
25
26
26
### Free option - security defaults
27
27
@@ -33,7 +33,7 @@ Customers with Microsoft 365 can use **Per-user assignment**. In this scenario,
33
33
34
34
### MFA for Azure AD Premium customers
35
35
36
-
For an improved user experience, upgrade to Azure AD Premium P1 or P2 for **conditional access (CA) policy** options. To configure a CA policy, you'll need [Azure Active Directory (AD) tenant permissions](../active-directory/roles/permissions-reference.md).
36
+
For an improved user experience, upgrade to Azure AD Premium P1 or P2 for **conditional access (CA) policy** options. To configure a CA policy, you need [Azure Active Directory (Azure AD) tenant permissions](../active-directory/roles/permissions-reference.md).
37
37
38
38
Your CA policy must:
39
39
@@ -51,7 +51,7 @@ Learn more in the [Azure Conditional Access documentation](../active-directory/c
51
51
52
52
## Identify accounts without multi-factor authentication (MFA) enabled
53
53
54
-
You can view the list of user accounts without MFA enabled from either the Defender for Cloud recommendations details page, or using Azure Resource Graph.
54
+
You can view the list of user accounts without MFA enabled from either the Defender for Cloud recommendations details page, or by using the Azure Resource Graph.
55
55
56
56
### View the accounts without MFA enabled in the Azure portal
57
57
@@ -63,7 +63,7 @@ To see which accounts don't have MFA enabled, use the following Azure Resource G
0 commit comments