You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A security-relevant setting under the Advanced Protection Program settings is not addressed in the baselines (GWS.COMMONCONTROLS.9) that may allow users enrolled bypass phishing-resistant MFA requirements.
Motivation and context
If you enable security codes under Advanced Protection Program, but disable security
codes under the main 2-step verification page, which setting takes precedence? Either
way we might want a policy disallowing security codes under the Advanced Protection
Program for consistency.
Implementation notes
Acceptance criteria
Determine what guidance we want to give here
Update the baseline if needed
The text was updated successfully, but these errors were encountered:
💡 Summary
A security-relevant setting under the Advanced Protection Program settings is not addressed in the baselines (GWS.COMMONCONTROLS.9) that may allow users enrolled bypass phishing-resistant MFA requirements.
Motivation and context
If you enable security codes under Advanced Protection Program, but disable security
codes under the main 2-step verification page, which setting takes precedence? Either
way we might want a policy disallowing security codes under the Advanced Protection
Program for consistency.
Implementation notes
Acceptance criteria
The text was updated successfully, but these errors were encountered: