Enabling Security Defaults

Enabling security defaults

If your tenant was created on or after October 22, 2019, security defaults might be enabled in your tenant. To protect all of our users, security defaults are being rolled out to all new tenants at creation.

To help protect organizations, we're always working to improve the security of Microsoft account services. As part of this protection, customers are periodically notified for the automatic enablement of the security defaults if they:

• - Haven't enabled Conditional Access policies
• - Don't have premium licenses
• - Aren't actively using legacy authentication clients

After this setting is enabled, all users in the organization will need to register for multifactor authentication. To avoid confusion, refer to the email you received, and alternatively, you can disable security defaults after it's enabled.

To configure security defaults in your directory, you must be assigned at least the Security Administrator role. By default, the first account in any directory is assigned a higher privileged role known as Global Administrator.

To enable security defaults:

1. Sign in to the Microsoft Entra admin center as a Global Administrator.
2. Browse to Identity > Overview > Properties.
3. Select Manage security defaults.
4. Set Security defaults to Enabled.
5. Select Save.