Microsoft is rolling out these security settings to protect millions of accounts. Here's what's changing

To thwart password and phishing attacks, Microsoft is rolling out security defaults to a massive number of Azure Active Directory (AD) users. 

Microsoft began rolling out security defaults to customers who created a new Azure AD tenant after October 2019, but didn’t enable the defaults for customers that created Azure AD tenants prior to October 2019. 

Today, Azure AD security defaults are used by about 30 million organizations, according to Microsoft, and over the next month Microsoft will roll out the defaults to many more organizations that will result in the defaults protecting 60 million more accounts. 

“When complete, this rollout will protect an additional 60 million accounts (roughly the population of the United Kingdom!) from the most common identity attacks,” says Microsoft’s director of identity security, Alex Weinert.  

Azure AD is Microsoft’s cloud service for handling identity and authentication to on-premise and cloud apps. It was the evolution of Active Directory Domain Services in Windows 2000. 

Microsoft introduced secure defaults in 2019 as a basic set of identity security mechanisms for less well-resourced organizations that wanted to boost defenses against password and phishing attacks. It was also aimed at organizations using the free tier of Azure AD licensing, allowing these admins to just toggle

Read More: