Feedback by UserVoice

Paul Slade

My feedback

  1. 3,629 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    199 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →

    Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.

    That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.

    An error occurred while saving the comment
    Paul Slade commented  · 

    I've just tested this using a conditional access policy to block a test user using a location/IP and it does prevent browser access to apps. As others have mentioned this does require the correct Azure and O365 licences so does come as a cost and is not delivered as part of the basic Azure/O365 offering so there are commercial implications to implementing this.

    An error occurred while saving the comment
    Paul Slade commented  · 

    We need to be able to block access by IP, location, etc BEFORE NOT AFTER the hacker has successfully authenticated. O365 is a joke without the ability to do this.

    Paul Slade supported this idea  · 
  2. 28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Paul Slade supported this idea  · 
    An error occurred while saving the comment
    Paul Slade commented  · 

    We've also hit this issue. MSFT please fix.

  3. 131 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  General » Users, Photos, Contacts  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Paul Slade commented  · 

    This still appears to be an issue. We have users who don't authenticate to the local AD but do authenticate to O365 services. When setting up the user on local AD with change password on first login this doesn't sync to O365 so they can't login as the error states password is incorrect. Please fix this.

    Paul Slade supported this idea  · 
  4. 229 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Paul Slade supported this idea  · 
  5. 1,185 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    37 comments  ·  Office 365 Admin » SharePoint Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Paul Slade supported this idea  · 
    An error occurred while saving the comment
    Paul Slade commented  · 

    This needs fixing.

  6. 155 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Paul Slade commented  · 

    Yes this would be very useful.

  7. 53 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Office 365 Admin » Exchange Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Paul Slade shared this idea  · 
  8. 3,215 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    120 comments  ·  Office 365 Admin » Exchange Admin  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Paul Slade commented  · 

    Why isn't this basic feature enabled.

    Paul Slade supported this idea  · 
  9. 1,436 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    93 comments  ·  Office 365 Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Paul Slade supported this idea  · 
  10. 13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Delve » People Experiences  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Paul Slade commented  · 

    I would like the ability to remove users from the People list.

    Paul Slade supported this idea  · 

Feedback and Knowledge Base