How can Admins Change the Default MFA Method for Microsoft 365 Users
Admins can change the default MFA method for Microsoft 365 users, effectively bolstering the security of users who rely on less secure MFA methods.
8 min read
Microsoft has integrated the Power Automate workflow experience directly into SharePoint Online. This allows users to view, create, and manage workflows without leaving the SharePoint site interface. This also introduces a context-aware “Mad-Lib” style automation experience that automatically prefills trigger inputs such as SharePoint sites, lists, and libraries to simplify workflow creation.
Storm-2949 is a sophisticated identity-based attack campaign where a single compromised Microsoft 365 account can lead to wider access across Microsoft 365 and Azure environments. Instead of relying on malware, the attackers abused trusted Microsoft services, MFA workflows, tokens, and permissions to silently move deeper into the environment.
The new Security Detection Report in the Teams admin center helps admins monitor messaging threats across Teams, including impersonation attempts, malicious links, and weaponizable file types. Available from late June 2026, it enables admins to review threats, export detection details, and block malicious external users identified in the report.
Microsoft has rolled out a redesigned dashboard in the Microsoft 365 admin center that brings together the management of Microsoft 365 services, Copilot, AI agents, and more. The updated experience introduces a cleaner layout, streamlined navigation, and centralized insights across users, licensing, service health, and recommendations.
AI tools and agents boost productivity, but unmanaged usage often leads to hidden data leaks and security gaps. Microsoft introduces the Shadow AI page in the Microsoft 365 admin center (Frontier preview) to help you identify and block unauthorized AI agents before they become a risk.
Microsoft Entra ID Account Discovery, currently in preview, gives admins better visibility into user accounts across enterprise applications in Entra ID. By classifying accounts as local, unassigned, or assigned, it highlights mismatches and disconnected users before provisioning. Since this feature isn’t enabled by default, admins need to opt in at the tenant level to start using it.
Struggling to automate secure monitor manage M365?
Try AdminDroid for Free!