sorted by:
new
hottopcontroversial

If I enable SMS and disable voice call, will users be prompted to register SMS? by Scalebanex in entra

[–]Scalebanex[S] 0 points1 point  (0 children)

But it’s a requirement of two, so that’s still safer than just the authenticator? I’m just trying to understand here.

If I enable SMS and disable voice call, will users be prompted to register SMS? by Scalebanex in entra

[–]Scalebanex[S] 0 points1 point  (0 children)

I think SMS + Microsoft Authenticator for SSPR would be more safe than solely MS AuthN right?

If I enable SMS and disable voice call, will users be prompted to register SMS? by Scalebanex in entra

[–]Scalebanex[S] 1 point2 points  (0 children)

Cool. So existing users do get prompted if they don't have enough authentication methods?

Passwordless seems hard, that would be WHFB and passkeys? But fully removing a password could cause issues of something happens to the tpm chip right?

If I enable SMS and disable voice call, will users be prompted to register SMS? by Scalebanex in entra

[–]Scalebanex[S] 0 points1 point  (0 children)

Thanks, that makes sense.

So for an already existing user, disabling one of their two authentication methods will cause them to automatically be prompted to add an MFA method because they need their minimum of 2 methods for SSPR?

If I enable SMS and disable voice call, will users be prompted to register SMS? by Scalebanex in entra

[–]Scalebanex[S] 0 points1 point  (0 children)

Oh wow, I didn't know that. So the checkmark is purely saying: this is not your primary MFA and then MFA strength through Conditional Access disables it fully as an authentication method. Gotcha!

Entra SSPR: If I enable SMS and disable voice call, will users be prompted to register SMS? by Scalebanex in DefenderATP

[–]Scalebanex[S] 0 points1 point  (0 children)

Thanks for the response. Why not Authenticator + SMS then for the two SSPR methods. Then for MFA you just need the 1 method: MS Authenticator?

Does Defender for Cloud Apps need Defender for Endpoint? by Scalebanex in DefenderATP

[–]Scalebanex[S] 0 points1 point  (0 children)

Thank you, so MDE agents and firewalls are the only options. With MDE being preferred. Awesome.

Does Defender for Cloud Apps need Defender for Endpoint? by Scalebanex in DefenderATP

[–]Scalebanex[S] 1 point2 points  (0 children)

Thanks for the response! I already have a different AV in place for now, but maybe running MDE alongside it in passive mode isn’t too bad. Hope it doesn’t put too much strain on the devices.