Microsoft Entra ID continues to strengthen identity security by modernizing how authentication and access policies are enforced. As part of this effort, Microsoft is retiring legacy capabilities and closing gaps that attackers could exploit. These updates focus on three key areas: replacing Custom controls with External MFA, enforcing Conditional Access consistently during credential registration, and requiring explicitly registered authentication methods for self-service password reset (SSPR...

Read the original article