Enable or disable security defaults
As an admin, you can turn on security defaults to help keep your organization safe from phishing and identity-related attacks. Security defaults ensure a basic level of security, requiring all admins and users to set up a sign-in method for multi-factor authentication, or MFA. This added layer of protection can keep your account from being compromised.
Select the appropriate tab based on whether you’re an admin and the GoDaddy account owner or an admin but not the account owner.
These steps are for admins who are also the GoDaddy account owner.
- Sign in to your Email & Office Dashboard (use your GoDaddy username and password).
- On the leftmost side, select Microsoft 365 Admin, and then Security Settings.
- Under Protect Your Email with Security Defaults, select Manage.
- Select Continue.
- Search for a domain name in your organization.
- If there are linked domains in your organization, select See list of domains in this organization to see which domains will be affected by changes to security defaults.
- To enable or disable security defaults, turn on (shows green) or turn off the Enable security defaults toggle, and then select Save.
You’ll see a confirmation that security defaults were enabled or disabled successfully.
These steps apply to admins who are not GoDaddy account owners.
- Sign in to the Microsoft Entra admin center. Use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
- Search for Tenant properties, and then select it from the results.
- Select Manage security defaults. A window will open on the rightmost side.
- Under Security defaults, select Enabled or Disabled.
- Select Save. You’ll see a confirmation that security defaults were enabled or disabled successfully.
I have Classic policies enabled
If you see an error saying that you have Classic policies enabled, you need to disable them before you can enable security defaults (if this does not apply to you, skip ahead to the next section).
- Go to your Classic policies page (or, in the search bar at the top of the Microsoft Entra admin center, enter and select Azure AD Conditional Access, and then select Classic policies).
- Select the policy, and then, at the top of the page, select Disable.
- Repeat as needed to disable all enabled policies.
Set up your multi-factor authentication method
Congrats! If you've enabled security defaults, you've taken an important step to securing your email accounts. But we're not done yet — you need to set up the MFA sign-in method used to verify your identity whenever you sign in to your account. Both admins and users need to complete this next step.