Feedback by UserVoice

Nilis

My feedback

  1. 400 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for taking the time to provide this feedback. We’ve updated the TechNet documentation (https://technet.microsoft.com/library/mt842508(v=exchg.150).aspx) to clear up confusion around which authentication type and protocol combinations are supported in CARs. Expanding support for more combinations could prevent bad actors with valid credentials from accessing mailbox content, but it wouldn’t help with scenarios like password spray attacks or malicious lockout attempts because CARs are evaluated post-authentication. There’s work underway on a solution that covers a broader array of basic authentication scenarios – we’ll share more details as soon as possible. In the interim, this blogpost (https://cloudblogs.microsoft.com/enterprisemobility/2018/03/05/azure-ad-and-adfs-best-practices-defending-against-password-spray-attacks/) outlines the recommended approach for forcing multi-factor authentication when using AAD and ADFS.

    An error occurred while saving the comment
    Nilis commented  · 

    This is extremely important to have this option in CA policies!
    Just a simple CA policy with Require Modern auth for all EXO protocols e.g. EWS/MAPI/IMAP/POP3 etc or block authentication, where you could make exclusions for legacy printer user needing to do IMAP/POP3.

    @Anonymous, app passwords are not helping. This is not MFA in my opinion. Its just a "better" password.

    Nilis supported this idea  · 
  2. 138 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →
    Nilis supported this idea  · 
    An error occurred while saving the comment
    Nilis commented  · 

    This is indeed important missing feature in doing managed authentication!

  3. 1,258 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  Office 365 Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Nilis supported this idea  · 
  4. 522 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  Office 365 Admin » Exchange Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Nilis supported this idea  · 
    An error occurred while saving the comment
    Nilis commented  · 

    Microsoft is still advising to onboard mailbox and convert and sync back....
    Why is this still not solved. Looks fairly easy to sync the required attributes back to Exchange.

  5. 2,688 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    137 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

    You can use your own personal email with a personal domain to connect to any type of Office 365 subscription, including Office 365 Home. Office 365 Home relies on a Microsoft account for authentication. A Microsoft account can be created with any personal domain email, it is not required to be Outlook.com/Hotmail.com, etc. Once the Microsoft account is created using your personal email, you can use it to activate and sign into your Office 365 Home subscription.
    If you don’t have a Microsoft account, go to the Microsoft account sign-up page and click on Create account. In the User name box enter your personal domain email address you wish to use. Fill out the rest of the form and click Create account.
    Now you can set up your Office 365 Home subscription with your Microsoft account. This will be the Microsoft account associated with your Office download. If you have…

    An error occurred while saving the comment
    Nilis commented  · 

    This is not a solution. I think adding the personal domain is a must for this service. Or else you directly need the small business plans which are too expensive for home use. Hopefully Outlook premium is coming soon to the EU, but this is without OneDrive and Office.
    Would suggest to include the Outlook premium service in the Office Home subscription. Would be even OK for me to create a Office Home + subscription which adds 10 euro a year for example to use the service. If this would be released I would directly migrate from my current mail provider.

Feedback and Knowledge Base