Ensure weak authentication methods are disabled

Why This Matters

Weak authentication methods such as SMS-only verification or legacy passcodes can be easily compromised, exposing user accounts to phishing and credential theft. Disabling these outdated methods reduces the risk of unauthorized access and strengthens your organization’s overall security posture. Administrators should prioritize this check to align with modern authentication standards like passwordless or multifactor authentication (MFA).

What Aether365 Checks

This check verifies that weak authentication methods are disabled in your Microsoft 365 tenant, helping to ensure only secure options like Microsoft Authenticator or FIDO2 keys are allowed. It appears in the Aether365 dashboard under the microsoft-365 checks section.

How to Fix

To disable weak authentication methods in Microsoft Entra ID (formerly Azure AD), follow these steps: