Forum Discussion
MFA/2FA for users - do not not allow change "Security info"
We have enabled MFA for the bigger part of our users and noticed a few misconfigurations. We would like to prevent users from changing their own "security info" so only admins could enter their mobil...
You can use Authentication strenghts to manage the methods authorized for MFA purposes.
https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-authentication-methods-manage
In January 2024, the legacy admin experience will be replaced by Authentication Strenghts:
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/authentication-strength-choose-the-right-auth-method-for-your/ba-p/2365674
IHMO, it is a best practice to let user reset their password / authentication methods (of course, if you manage the available methode)
https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-authentication-methods-manage
In January 2024, the legacy admin experience will be replaced by Authentication Strenghts:
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/authentication-strength-choose-the-right-auth-method-for-your/ba-p/2365674
IHMO, it is a best practice to let user reset their password / authentication methods (of course, if you manage the available methode)