Enable or disable security defaults
Security defaults help protect you from identity-related attacks with preconfigured security settings. This means that all email users will be asked to register for multi-factor authentication (MFA) using the Microsoft Authenticator app. We recommend using security defaults, but you can enable or disable these settings to fit your business needs.
When security defaults are enabled, your organization's email must be set up in clients that support modern authentication and don't use IMAP, SMTP, or POP mail protocols. For example, Office 2016 and newer and the Mail app for Mac are supported clients.
Required: You need admin permissions to change security default settings. For more info, see admin roles from Microsoft.
- Sign in to the Azure portal. Use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
- Search for Azure Active Directory.
- Under Manage, select Properties.
- Select Manage Security defaults.
- Set the Enable Security defaults toggle to Yes. Or, set the toggle to No and choose a reason for disabling.
- Select Save. You'll see confirmation that your security defaults saved.
Required: If you already have Conditional Access policies enabled, you'll need to disable them before you can enable security defaults. Sign in to your Conditional Access Policies and select the policy. Under Details, select Delete, and then select Yes to confirm. Repeat as needed to remove all enabled policies.
More info
- If you disable security defaults, you can still enable multi-factor authentication for users.
