Disable App Passwords when Enabling Multi Factor Authentication

App passwords are considered less secure than using your phone for authentication. As an administrator, you can remove this option for users when enabling MFA.

  1. Login to the Microsoft 365 Admin Center.
  2. Go to Users > Active users.
  3. Without selecting any user, click Multi-factor authentication.
  4. Select the Service Settings tab.
  5. Select Do not allow users to create app passwords to sign in to non-browser apps.