Feedback by UserVoice

Warren

My feedback

  1. 3,663 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    200 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →

    Azure Active Directory Conditional Access has functionality for “Countries/Regions” – see https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    That said, the most effective protection you can have against password spray attacks is to enable MFA and disable basic authentication. If you cannot do this for your entire organization, then blocking user access to legacy protocols like POP, EWS, IMAP and SMTP is another step you can take. Exchange Online Client Access Rules can help you to further customize (https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules). For additional recommendations, please see Office 365 Secure Score.

    That said, please know that we are listening to feedback and working on solutions to help make Office 365 users more secure. Thank you for the feedback.

    An error occurred while saving the comment
    Warren commented  · 

    As everyone else has said this feature should be enabled for any subscription level the fact that we have a report that will log suspicious logins from outside the country but we are not able to black list or white list IP's via Geo-location or even be notified of these logins is ridiculous. You are literally forcing us to pay for a more expensive license for a basic security feature.

    Warren supported this idea  · 

Feedback and Knowledge Base