At least one Conditional Access policy is configured to secure security info registration only from a trusted location
Why This Matters
Malicious actors can exploit insecure security info registration to enroll unauthorized authentication methods on user accounts, leading to account takeover. Without a Conditional Access policy restricting registration to trusted locations, users may inadvertently or under coercion register security info from untrusted networks, weakening the overall security posture.
What Aether365 Checks
This check verifies whether your Microsoft 365 tenant has at least one Conditional Access policy configured to secure security info registration from a trusted location. It appears in the Aether365 dashboard under the microsoft-365 checks category as AE.1011.