This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 42%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
We already use multifactor authentication (MFA) from our 3rd party IDP for every login to any of our systems or M365. Will this require us to have another layer of MFA for our Microsoft logins? We are quite happy with our current level of security requiring either a text message or authenticator code or email code for login to all our systems. Our users will probably come after me with pitchforks if I tell them they have to do it twice with different systems.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 92%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYL%3C/text%3E%3C/svg%3E)
Hello,
The email you received from Microsoft indicates that security defaults will be enabled in your tenant, which includes requiring multifactor authentication (MFA) for all users and administrators. However, since you are already using a third-party IDP for MFA, you can disable security defaults to avoid having another layer of MFA for your Microsoft logins.
If your existing MFA solution meets your security needs, you might consider discussing with your IT team whether to disable Microsoft’s security defaults after they are enabled. However, be aware that this could leave your organization without some of the protections that Microsoft provides.
For more details, please refer to the documents:
Guideline: Partner: CSP: Security Defaults Enablement
disable Security Defaults: Providing a default level of security in Microsoft Entra ID - Microsoft Entra | Microsoft Learn
Best Regards,
Yanhong Liu
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.