“Bob, one of my employees can send email from his iPhone, but he’s not receiving any emails.”

@ryanl @fifonetworks
Sorry @RyanLodter but I disagree. They pushed this to everyone breaking decades of workflow while forcing employees in some positions to use their personal devices. Then when it did not really work they are not disclosing this to the public (I am a partner and get their security updates). On top of that I had a client whose tenant was taken over (even with MFA) and it took legal threats and over a month to get it resolved. This is not the actions of a responsible company.

@fifonetworks
I see this all of the time especially on Office 365. I thought MFA was supposed to stop this but obviously not. My open question is why does Microsoft push MFA so hard when it obviously does not work? Why are they not posting that people have bypassed this in real attacks?