Forum Discussion

microc1's avatar
microc1
Copper Contributor
Feb 07, 2020
Solved

All users receive "Your organization needs more information to keep your account secure" when logon

All users receive "Your organization needs more information to keep your account secure" when logon o365 web portal.  Users can select "skip for now (XX days until is required)" but it will finally ...
admin
microsoft 365 admin center
office 365
  • microc1's avatar
    microc1
    Feb 11, 2020

    Thank you for the hint.

     

    Finally solved by:
    Azure Active Directory > Properties
    Manage security defaults
    set Enable security defaults to No

techlogik7's avatar
techlogik7
Brass Contributor
Nov 06, 2023

We have this same issue. We use CA, no defaults are configurable. Out of nowhere users are getting hit with 

Your organization requires you to set up the following methods of proving who you are.
Additional authentication is required to complete this sign-in.
 
Then you go to a redirect/Azure and around in circles it goes and finally back to this message, just a loop over and over and you can't do anything.
 
MFA is supposed to be the first line of things Azure checked if enabled. We do have CAs for hybrid joined/intune compliant devices...but how do you setup MFA if you can't even get the page to show to download the MS App or enter a phone number. Which this is another issue I have a support ticket open on. We can't modify the default Authentication methods or disabled MS Auth app it just gives an error and 3 days later no support response, just send us info...dead in water. Cluster and mess as usual with MS and this entire CAs, Auth apps, Intune dumpster fire....Rant over.  Any ideas, let us know. Only way to get a user in is turn off MFA, they sign in, then setup MFA methods, then put them in the groups to enforce CAs Intune policies. Giant mess. And let's not get into the 18hrs it takes for a CA rule change to go into effect. Literally spending weeks on end making single changes to troubleshoot issues and getting nowhere fast. MS is useless their support.
Colin123's avatar
Colin123
Copper Contributor
Jan 23, 2024

I had same issue, using Intune to sign up a new user on a new PC. Got the AADSTS50192 message.
Then tried to login on an existing windows laptop via a browser, same issue.

 

After scratching my head for a while I figured it must be to do with the user needing to log in with MFA but no security info setup for the user, so they cannot log in with MFA.

 

1) Logged in as an Administrator to "Microsoft 365 Admin Center"
2) Selected *"Identity" under "Admin Centers" to Access "Microsoft Entra Admin Center"
3) "Microsoft Entra Admin Center" select "Users" > "All Users"
4) Select the relevant user
5) Under the user screen select "Authentiction Methods", enter an authentication method,
6) When complete press save icon.

 

User should now be prompted for additional data when logging in as there will be an authentication method available when logging in.

 

Suggestions to Microsoft
1) * Rename "Identity" to "Microsoft Entra Admin Center" in "Microsoft 365 Admin Center"
2) ** In "Microsoft 365 Admin Center", add method to enter user authentication method when setting up a user, setting up a user without it is pretty useless.