Forum Discussion
Identify users not using MFA
Hi Microsoft Community, I'd like to identify users who are authenticating to our M365 tenant without MFA. Currently we have MFA enforced by way of Conditional Access policy applying to a grou...
- Thanks to the replies. I found the information I was looking for in the GUI, filtered and downloaded to CSV:
Entra > Protection > Authentication Methods > User Registration Details
Try this PS:
# Connect to Azure AD
Connect-AzureAD
# Get all users
$users = Get-AzureADUser -All $true
# Check MFA status for each user
foreach ($user in $users) {
$mfaStatus = Get-MsolUser -UserPrincipalName $user.UserPrincipalName | Select-Object -ExpandProperty StrongAuthenticationMethods
if ($mfaStatus.Count -eq 0) {
Write-Output "$($user.UserPrincipalName) does not have MFA enabled."
}
}
