Identity & Authentication
User authentication and identity protection controls
User MFA Registration
MFA blocks over 99.9% of account compromise attacks. Even with a CA policy requiring MFA, users must actually register MFA methods to be protected. Low registration means users are vulnerable.
Block Legacy Authentication
Legacy protocols like IMAP and POP3 cannot enforce MFA. Attackers specifically target these protocols to bypass your MFA policies. Blocking them closes a major attack vector.
Enable Self-Service Password Reset
SSPR allows users to securely reset passwords without helpdesk intervention. It reduces password reset tickets by up to 70% while maintaining security through MFA verification during reset.
Configure Smart Lockout Protection
Password spray attacks try common passwords across many accounts. Smart lockout detects these patterns and blocks attackers while allowing legitimate users to authenticate. Weak settings leave you vulnerable.
Require Phishing-Resistant MFA for All Users
Phishing attacks can bypass traditional MFA. At Level 3, the entire organization uses authentication methods that cryptographically prove user presence, eliminating MFA bypass attacks entirely.
Ready to implement identity & authentication controls?
TrueConfig continuously monitors your Microsoft 365 tenant and helps you maintain compliance with these security controls.