Jonathan Mergy

My feedback

  1. 3,662 votes
    200 comments  ·  Office 365 Security & Compliance

    Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.

    That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.

    Jonathan Mergy commented  · 

    It's 2020. We receive thousands of harvested breach logins and password attacks and all they do is bang against Azure AD all day from countries and locations that will NEVER have a legitimate successful login to our tenant and Microsoft will not let us inhibit this.

    Yes, I know about conditional access and we are using that. We watch as bots slam constantly and concurrently against Microsoft servers using old credentials and we watch as our conditional access kicks in along with MFA. But, this is all such a tremendous waste of time and resources.

    Just let Office365 Admins not allow login attempts from regions we don't want to even waste our time on.

    Come on now.

    Jonathan Mergy supported this idea  · 
    Jonathan Mergy commented  · 

    We've done all we can with the existing O365 tools but I really need the ability to inhibit any authentication actions by country, IP range, etc. I have servers in China just pegging specific accounts and it's crazy I can't just cut them off.
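
    An added example, not part of the original thread or of any Microsoft tooling: one way to quantify the traffic discussed above from an exported sign-in log, by counting failed sign-ins per country the tenant never expects and how many of them arrive over the legacy protocols the admin response names. The record field names, client-app labels, error codes and sample records are assumptions constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample records. Field names are assumed to follow the shape of
# an Azure AD sign-in log export; addresses are documentation ranges.
SAMPLE_SIGNINS = json.loads("""[
 {"userPrincipalName":"alice@example.com","ipAddress":"203.0.113.10","clientAppUsed":"IMAP4","location":{"countryOrRegion":"CN"},"status":{"errorCode":50126}},
 {"userPrincipalName":"bob@example.com","ipAddress":"203.0.113.10","clientAppUsed":"POP3","location":{"countryOrRegion":"CN"},"status":{"errorCode":50126}},
 {"userPrincipalName":"carol@example.com","ipAddress":"203.0.113.11","clientAppUsed":"Authenticated SMTP","location":{"countryOrRegion":"CN"},"status":{"errorCode":50126}},
 {"userPrincipalName":"Alice@example.com","ipAddress":"203.0.113.11","clientAppUsed":"Browser","location":{"countryOrRegion":"CN"},"status":{"errorCode":53003}},
 {"userPrincipalName":"bob@example.com","ipAddress":"198.51.100.7","clientAppUsed":"Browser","location":{"countryOrRegion":"RU"},"status":{"errorCode":50126}},
 {"userPrincipalName":"alice@example.com","ipAddress":"192.0.2.5","clientAppUsed":"Browser","location":{"countryOrRegion":"US"},"status":{"errorCode":0}},
 {"userPrincipalName":"dave@example.com","ipAddress":"192.0.2.6","clientAppUsed":"Browser","location":{"countryOrRegion":"US"},"status":{"errorCode":50126}},
 {"userPrincipalName":"erin@example.com","ipAddress":"198.51.100.9","clientAppUsed":"IMAP4","location":null,"status":{"errorCode":50126}}
]""")

# Client-app labels treated as legacy (basic-auth) protocols; assumed values.
LEGACY_CLIENTS = {"IMAP4", "POP3", "Authenticated SMTP", "Exchange Web Services"}

def summarize_by_country(signins, expected_countries):
    """Aggregate failed sign-ins that come from outside the expected countries."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(), "ips": set(), "legacy": 0})
    for rec in signins:
        # Missing or null location is kept as its own bucket, not dropped.
        country = (rec.get("location") or {}).get("countryOrRegion") or "unknown"
        error = (rec.get("status") or {}).get("errorCode", 0)
        if error == 0 or country in expected_countries:
            continue  # successes and in-region failures are out of scope here
        entry = stats[country]
        entry["failed"] += 1
        entry["users"].add(rec.get("userPrincipalName", "").lower())
        entry["ips"].add(rec.get("ipAddress"))
        if rec.get("clientAppUsed") in LEGACY_CLIENTS:
            entry["legacy"] += 1
    return dict(stats)

def spray_candidates(stats, min_users=3):
    """Countries whose failures span many accounts, the password-spray pattern."""
    return sorted(c for c, s in stats.items() if len(s["users"]) >= min_users)

if __name__ == "__main__":
    result = summarize_by_country(SAMPLE_SIGNINS, expected_countries={"US"})
    for country, s in sorted(result.items()):
        print(country, s["failed"], len(s["users"]), len(s["ips"]), s["legacy"])
    print("spray candidates:", spray_candidates(result))
```

    A high legacy-protocol count for a country supports blocking those protocols first; a high distinct-account count supports a Countries/Regions block in Conditional Access.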

  2. 13,263 votes
    499 comments  ·  Office 365 Admin
    Jonathan Mergy supported this idea  · 
