 Matt says, has anyone noticed that Microsoft is making the MFA, the multi-factor authentication method, mandatory for M365 applications? If there is no response, settings will be set automatically. Is this information correct? Does someone know more? Yes and no, I should say no and yes. There you go people. Is this information correct? No, it is not correct. It is not correct. They're not forcing MFA. Do elaborate how they are. They are doing that for Azure AD logins. But they're not forcing MFA. That whole concern is all about them turning off basic auth which means anything that you need to do to talk. To email or the like has to understand OAuth or it has to be able to use an app specific password. But there is no forcing. At least in the state of the world of the Office 365 applications, there's no forcing to MFA. That's the organizational level. If your organization has turned it on and enforcing it. Which many do. Yes, right. That's different. Yeah. Yeah, I get asked this on a pretty regular basis, and so I'm constantly reviewing and making sure there's nothing that's getting changed. As far as I know, like 100 percent agree with how it's not being forced, it's actually optional. Your MFA settings are all optional. You can go in and enable and disable them at any time. Just remember that if you switch that, the thing you need to remember is that sometimes if that authentication has been tied up around an MFA in the past, enable them in in the past, then there's going to be things that are left over artifacts that are left over from that. So if you're going to switch from enable to disable for one or more people, you should sign them out from all applications when you do that so that they can sign back in and they don't have those hanging things from the MFA pieces all over the place. Otherwise, they're going to call you and you're not going to be a happy camper. So you get to choose that. Just make sure that you're going to do that when you change it. That's much more specific than me just saying expect flakiness. Yes. Both core organizations will enforce it and they'll communicate it using the same mechanism that you're probably already pre-filtering already because you get too many messages from your central IT group. So you may want to check in to see if MFA was rolled out within your organization. I've remarked over the last several weeks about how, I've noticed just a huge spike in spam and in phishing attempts that have gotten through the Microsoft 365 security layer. Go in and look at your junk and look at it from an admin level. It's just shocking the volume that's there and the things that are still getting through. It's interesting and Hal tried to help me out here, but for my tenant, I had for all the accounts, I had one where MFA was not turned on and that's the one that got hacked and was able to get everything and lock it down. But it just it was a headache there for a couple days and turned it back on. I remember it was one of those where it was turned off because of something like installing some older program or something rather where it was causing an issue. So turned it off temporarily, forgot to turn it back on, bam. Yeah. I think the biggest tips and tricks that I, I mean, I know it's not specifically answering this question, but it goes along with this question is that tips and tricks are always have a backup account that's not used day-to-day that it has an admin level clearance so that you can get back in if you need to, always have MFA tied to your admin accounts and use PIM as much as you possibly can so that you can basically escalate only when needed. So like you really shouldn't, nobody should really ever need admin day-to-day. Like you should be able to say, if you need this admin level, you should be able to elevate your credentials up whenever you need to, and then that way they automatically bounce back when you're done. And I think, you know, if you kind of just follow some best practices around security, you're going to massively lower the risk of anybody being able to get in and mess with your stuff.