Clik here to view.
Use Protected Actions to Stop Attackers Hard-Deleting Entra ID Accounts
Enforcing Strong MFA Through Protected Actions Might Block Bad Actors A January 25, 2025 blog about how attackers leverage the User.DeleteRestore.All Graph permission attracted my attention. The idea...
View ArticleClik here to view.
How to Use Bulk User Operations in Entra Admin Center
Update Multiple Entra ID Accounts in a Single Action It’s perhaps a natural assumption that administrative consoles like the Entra admin center perform actions against singular objects. However,...
View ArticleClik here to view.
Entra ID to Disable Service Principal-Less Authentication
Block for Service Principal-Less Authentication in March 2026 One of the latest announcements from Microsoft engineering groups to improve the overall security of their cloud infrastructure is Entra’s...
View ArticleClik here to view.
How to Report the Sponsors of Entra ID Guest Accounts
Sponsors Are The People Who Invite Guests to Join a Tenant Nearly two years ago, Entra ID added the ability to assign sponsors to guest accounts. A sponsor is someone in the tenant who can attest to...
View ArticleClik here to view.
An Account Blocked by MACE Credential Revocation is A Good Way to Start a...
Leaked Credentials and Sign-in Metrics Make for an Interesting Day Last Saturday morning was interesting. After barely being able to ingest my first coffee, I noticed that Teams was complaining that...
View ArticleClik here to view.
Reducing the Likelihood of Token Theft with Conditional Access Policies
New Token Protection Conditional Access Policy Session Control Now that the removal of basic authentication from Exchange Online has made password spray attacks far less likely to compromise user...
View ArticleClik here to view.
Updating the Entra ID Custom Banned Password List with PowerShell
Use Microsoft Graph PowerShell SDK Cmdlets to Maintain the Entra ID Custom Banned Password List Vasil Michev is busy these days. Apart from his day job, he’s doing the technical reviews for the Office...
View ArticleClik here to view.
Microsoft to Block Users Granting Third-Party App Access to User Sites and Files
New Microsoft-Managed App Consent Policy to Control User Consent for Apps Message center notification MC1097272 (17 June 2025) announces Microsoft’s intention to restrict access to some legacy...
View Article