Entra

  • Blog

    Microsoft Entra account lockouts caused by user token logging mishap

    Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems. On Saturday morning, numerous organizations reported that they began receiving Microsoft Entra alerts that accounts had leaked credentials, causing the accounts to be locked out automatically. Impacted customers initially thought the account lockouts were tied to the…

    Read More »
  • Blog

    Widespread Microsoft Entra lockouts tied to new security feature rollout

    Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID’s “leaked credentials” detection app called MACE. These alerts and lockouts began last night, with some admins believing they were false positives as the accounts have unique passwords that are not used on any other sites or applications. Microsoft…

    Read More »
  • Blog

    Microsoft Entra “security defaults” to make MFA setup mandatory

    ​Microsoft says it will improve security across Entra tenants where security defaults are enabled by making multifactor authentication (MFA) registration mandatory. This move is part of the company’s Secure Future Initiative, launched in November 2023, to boost cybersecurity protection across its products. “We’re removing the option to skip multifactor authentication (MFA) registration for 14 days when security defaults are enabled.…

    Read More »
Back to top button
close