MSPMagic > Knowledge > Policy Docs > Conditional Access > CA-ID03-P2: Require multi-factor authentication for risky sign-ins
CA-ID03-P2: Require multi-factor authentication for risky sign-ins
Introduction
Require multi-factor authentication if the sign-in risk is detected to be medium or high
Requires an Azure AD Premium 2 License
Targets
This targets all accounts
User Impact
HIGH
All users will be required to setup Multifactor Authentication during their next sign login.
Also, Users, Applications and Devices which are accessing tenant workloads with clients that do not support Modern Authentication will need to utilise an app password.
Basics
Template Category: Identity Protection
Assignments
Users and Groups
| Includes | – All Users |
| Excluded | – None |
Cloud Apps or actions
| Cloud Apps | – All apps |
Conditions
Sing-in Risk
| Risk Levels | – Medium – High |
Access Controls
Grant
| Grant | – Require multi-factor authentication |
Recent Posts
- MSPMagic’s Templates for Microsoft Endpoint Manager (Intune) Policies and Best Practice Settings
- Release Update – November 2022
- MSPMagic’s Pre-Made Policies for Microsoft Endpoint Manager (Intune)
- Release Update – October 2022
- COMP-DV05: Windows 10 and later Microsoft Defender for Endpoint Enabled and Clear of Risks