Issue in 'Identity Protection' policies

  • Question

  • Hi,

    Q1:
    'Identity Protection' - 'Sign-in risk policy' and 'MFA registration policy'
    I've been working on the 2 policies of 'Sign-in risk policy' and 'MFA registration policy' under the 'Identity Protection' section. I've noticed an issue when it comes to MFA. To simulate this issue, I've installed the 'Tor' browser on both my PC and mobile phone.

    I've been testing using the following 'Use case scenario':

    User10 and User11 are both in the Include list.
    User10 is also in the Exclude list.

    Even though User10 is in the 'Exclude' list, he is still getting the MFA prompt when I try to log him in using the 'Tor browser' on the mobile phone. I then also tested it on the PC by trying to log in using Chrome and Tor again, but got the same issue.

    I even tried by putting just the User10 in both the 'Include' and 'Exclude' list but still the MFA prompt is popping up. So for some reason the 'Exclude' function is not triggering. I also double checked and there is no 'Conditional Access Policy' for an MFA.

    Funny enough, I've also tried to put other users in the 'Exclude' list as well and they are also getting the MFA prompt.

    Not sure where I am doing the wrong step.

    Q2:
    'Identity Protection' - User risk policy
    Why does this policy only trigger when I select the 'User risk' to either 'Low and above' or 'Medium and above'?
    What's the particular difference between the 3 of these?

    Thanks.


    S.Minhas

    Thursday, October 15, 2020 8:03 AM