Being the very green admin in my own small company, this was exactly what I was looking for. I’ve spent over a day looking at 20+ Microsoft KB articles that have sent me round and round in circles, yet you’ve just nailed in 30 minutes. Thank you - subscribed!

I appreciate that you do these videos in such a clear and concise manner. Without your explanations and examples, I would be lost! Thank You!!!

Pssst, Jonathan, it’s “deprecated”, not “depreciated.” Subtle difference in spelling but quite different meanings.

Always great to consume your thorough and impeccably produced vids. Thanks!

Nice one Jonathan, thanks for sharing!

Epic! Another quality video. Not all heroes wear capes.

Yet another rocking one from the Bearded guy! Thanks and appreciated!

One of your best videos hands down. We implement Yubi for all our clients admin/break accounts and FIN employees. It's the way to go.

Useful and very information, thanks Jonathan.

Hey, What happened to existing methods from Legacy, Do users need to register with MFA again, any prompts to users?

As usual. Great Video!!! Thanks Bro.

Hi Jonathan, awesome video! Thanks a lot! Quick question, if the Break Glass account should be protected with MFA ( in this case using the YUBIKEY), what will trigger it if we are excluding it in all the conditional access policies? Thanks

Hello Jonathan, I do not see your Enable Authenticator MFA youtube video anywhere, did you remove it?

Great videos mate - i just subscribed - learning heaps, especially with the security side of things :)

So you disabled SSPR -- so that means users can't reset their own password now?

I'm loving this. One question. What's the difference between when the authenticator gives you two numbers to select on your phone and the other one where you have to type in 6 numbers on your PC? What is the official name for each and which is better?

Thanks Jonathan, finger on the pulse as always. Our Global Admin accounts for all customers are all Software OATH tokens. I read that this is not accepted as a first factor authentication method. Not sure if we need to change anything?

Hey, what about App Passwords? I need those for my printers. Cannot find anything in the migration documentation.

Hi, my question is why did you have to disable SSPR? Can I follow the guide skipping the SSPR part? Would it still work well?

Johnathan thank you very much for such a needed video. My biggest problem after this is configuring legacy MFC printers to do scan to email and unattended remote support of clients who have enabled MFA. I need to be interactively with the client so that he provides either the SMS code or approves it with is authenticator app. I can't figure out how to do unattended remote support IE after hours to install apps, run diagnostics etc. All my client don't want to pay for Microsoft 365 business Premium they only use Microsoft 365 Business Standard. Thanks and regards. Alfred

Thank you!

Brilliant!

Thank you so much !!!!!!!!!!

Awesome

Agreed, @14:36, Ian is definitely the problem. Have you considered other options for Ian? Like a visit from Joe Pesci, to help understand what it is he does here?

nice video as always - for windows there is "Windows For Hello" for Mac there is " Platform SSO" what about for Linux? does anyone know there are similar solutions like this in Linux?

For anybody confused, you will not have most of these options if you do not have the correct licensing.

Hi Jonathan. i created an exclusion group for admins and added to the conditional access policy Require multifactor authentication for admins . but it does not apply, i do not get any mfa prompt. if i remove the group and sign in as an individual admin I do get prompted for mfa. if I do a what if, it shows the policy will not apply and shows users and groups as the reason why Policy Name Reasons why this policy will not apply State Require multifactor authentication for admins Users and groups On Any help would be appreciated

extremely early

😂🎉