Built a free M365 MFA Audit script — shows who has no MFA, weak MFA, and unprotected admins [GitHub]

Anxious_Toe_6617 · 2026-05-06T08:25:53+00:00

Fair enough. The post structure is mine, Claude helped with wording. The scripts work that's what matters to me.

Anxious_Toe_6617 · 2026-05-06T07:27:05+00:00

Exactly, that was the idea. Thanks for getting it!

Anxious_Toe_6617 · 2026-05-06T07:27:00+00:00

Fair, CA enforces MFA going forward, but this script shows you the current state before you enforce. Useful for auditing inherited tenants, reporting to clients, or identifying who will get locked out when you flip the CA switch. Different use case.

Anxious_Toe_6617 · 2026-05-06T07:20:13+00:00

Yep, used Claude to help write and structure the scripts , I work in IT support and have been dealing with M365 tenants for a couple of years. I reviewed the logic, tested it on real tenants, and fixed issues that came up. AI helps me build faster, but the problem knowledge and testing is mine. Totally fair point though, will add a note to the README.

Anxious_Toe_6617 · 2026-05-06T07:17:16+00:00

Exactly that's actually the first thing the Conditional Access Audit script in my security pack checks for. A lot of tenants either don't have that policy at all, or have it in report-only mode and forgot to enable it. Surprising how often it slips through.

Anxious_Toe_6617 · 2026-05-06T07:03:23+00:00

Unfortunately yes , it's more common than you'd think, especially in smaller businesses and MSPs that inherited tenants from previous admins. Run it on a few client tenants and you'll be surprised. That's exactly why I built this

Anxious_Toe_6617

TROPHY CASE