Forum Discussion

OneTechBeyond's avatar
OneTechBeyond
Iron Contributor
Apr 28, 2020

Difference between single "Approve" push MFA, and "match the number" push MFA in Office 365?

How do I force enable Azure AD MFA on my Microsoft 365 tenants to use the "match the number on screen" push MFA via the Microsoft Authentor app, versus the older traditional single step "Please click Approve" style of push MFA?

Authentication
Authenticator app
microsoft 365
security

3 Replies

  • VasilMichev's avatar
    VasilMichev
    MVP
    Apr 29, 2020

    That depends on the application you are connecting to, and its implementation of the ADAL/MSAL methods. You cannot centrally govern it.

    • Moe_Kinani's avatar
      Moe_Kinani
      Bronze Contributor
      Apr 29, 2020
      Vasil,

      Totally agree, depends on application and the way it’s configured.

      Moe
  • Moe_Kinani's avatar
    Moe_Kinani
    Bronze Contributor
    Apr 29, 2020

    Hi Robert,

     

    To enable it in your Tenant, you need to enable the users for preview features and also enable 'Microsoft Authenticator passwordless sign-in' from Azure AD (Screenshots below) and then point your users in your organization to https://docs.microsoft.com/en-us/azure/active-directory/user-help/user-help-auth-app-sign-in

     

    Check this https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-phone for more info on how to set it up!

     

    Hope this helps!

    Moe

     

     

     

     

     

     

Resources