Enable or disable security defaults
To protect your organization from identity-related attacks, admins can enable security defaults in the Email & Office Dashboard. When security defaults are enabled, all email users are required set up multi-factor authentication, or MFA, using the Microsoft Authenticator app. Admins will need to provide extra verification every time they sign in to their accounts.
When security defaults are enabled, your organization's emails must be set up in clients that support modern authentication (like Office 2016 and newer or Apple Mail). Most modern email clients don’t use modern authentication for IMAP, SMTP, or POP mail protocols. If you need to use these protocols, check with your email provider.
Manage security defaults in the Email & Office Dashboard
You can enable or disable security defaults for your organization in the admin section of your Email & Office Dashboard.
- Sign in to your Email & Office Dashboard (use your GoDaddy username and password).
- Select Admin, and then Security Settings.
- Under Protect Your Email with Security Defaults, select Manage.
- Select Continue.
- Enter a domain name in your organization. The Enable security defaults toggle will load.
- If there are linked domains in your organization, select See list of domains in this organization to see which domains will be affected by changes to security defaults.
- To enable or disable security defaults, turn on or turn off the Enable security defaults toggle, and then select Save.
You’ll see a confirmation that security defaults were enabled or disabled successfully.
Manage security defaults in the Azure portal
These steps only apply to admins who are not GoDaddy account owners. Please follow these steps carefully. Making changes in the Azure portal outside of these steps can cause issues with your organization, and our GoDaddy Guides can’t help you fix them. See our Statement of Support.
- Sign in to the Azure portal. Use your Microsoft 365 email address and password (your GoDaddy username and password won't work here). If you don't have access to your sign-in method, first reset your MFA.
- Search for Azure Active Directory.
- Under Manage, select Properties.
- Select Manage Security defaults.
- Set the Enable Security defaults toggle to Yes. Or, set the toggle to No and choose a reason for disabling.
- Select Save. You'll see confirmation that your security defaults saved.

Related step
More info
- If you disable security defaults, you can still enable multi-factor authentication for users.
- We recommend also securing your GoDaddy account with 2-step verification.