Plz block DEVICE MFA today

18th May 2026

Please block microsoft.com/device login

This is going to be straight-forward to block on your firewall but that only protects your traditional, on-site users.  For remote users you can also filter emails that contain this string.  AND educate your users to question anything that looks like the following and isn’t expected.

This follows defense in-depth mantra, don’t count on a single method to keep your safe.

This is opposed by not wanting to make many changes simultaneously, which has caught me at least once with a customer calling to say everything is broken and I had to admit this was due to a change I made to keep them safe from a Potential threat.