Managing security can be difficult with common identity-related attacks like password spray, replay, and phishing becoming more and more popular. Security defaults make it easier to help protect your organization from these attacks with preconfigured security settings:
- Requiring all users to register for Azure AD Multi-Factor Authentication.
- Requiring administrators to perform multi-factor authentication.
- Blocking legacy authentication protocols.
- Requiring users to perform multi-factor authentication when necessary.
- Protecting privileged activities like access to the Azure portal.
![Screenshot of the Azure portal with the toggle to enable security defaults](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/media/concept-fundamentals-security-defaults/security-defaults-azure-ad-portal.png)
Azure Active Directory security defaults | Microsoft Docs