Feedback by UserVoice

Anonymous

My feedback

  1. 3,508 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    196 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →

    Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.

    That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.

    An error occurred while saving the comment
    Anonymous commented  · 

    This should be available for ANY 365 business plan, My company just isn't willing to fork over another $12,000 a year to move up to azure premium

    Anonymous supported this idea  · 
  2. 171 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    An error occurred while saving the comment
    Anonymous commented  · 

    Conditional access if you subscribe to azure premium. There no way the powers that be will a lot me $12000 just to be able to use geofencing.

    Anonymous supported this idea  · 
  3. 109 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    31 comments  ·  M365 (Microsoft 365) Admin Mobile  ·  Flag idea as inappropriate…  ·  Admin →

    We are interested in understanding this feature request better. Is this functionality available somewhere else within Office 365?

    An error occurred while saving the comment
    Anonymous commented  · 

    We currently have an older ERP deployment that has a dual logon. First domain access second erp permissions. We always get users locking out their accounts due to this, mainly the newer employees, and always seems to happen when I am not in the office. We just started an o365 migration last week and had a user locked out this morning. Was actually surprised this wasn’t available.

    Anonymous supported this idea  · 

Feedback and Knowledge Base