EntraAnalyzer
Medium

Authentication strength not configured

Checks whether authentication strength policies are used in Conditional Access to require phishing-resistant authentication methods for sensitive applications.

Category
Authentication
Default severity
Medium
Rule key
CHECK_AUTH_STRENGTH_POLICIES
Last updated

How to fix it

Configure authentication strength policies in Conditional Access to require phishing-resistant authentication methods for sensitive applications.

Required Microsoft Graph permissions

EntraAnalyzer needs the following read-only Graph permissions to evaluate this rule:

  • Policy.Read.All

Further reading

Microsoft documentation →

Run this check on your tenant

EntraAnalyzer evaluates this rule automatically on every scan and emails you the results.

Get started — free first scan →