Accounts: Block Microsoft accounts

6e815a39-7aa8-42e4-88d3-1778dfe85333

Although Microsoft accounts are password-protected, they also have the potential of greater exposure outside of the enterprise. Additionally, if the owner of a Microsoft account is not easily distinguishable, auditing and forensics become more difficult. It is best practice to disable "Add and Login for Microsoft account" in enterprise or secure environments.

More info: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts


desktop
bestpractice-desktop