Forum Discussion
Solved
MFA says enabled but user is using MFA
My understanding was that if O365 said that MFA was enabled for a user then that user would be required to register for MFA and, once they completed that process, their status would change from enabl...
- That's likely because the user is on a Azure AD joined device and leveraging the PRT to login - this method always counts as second-factor.
There are no Conditional Access policies for MFA so, if the requirement isn't coming from the "old per-user" controls, which is where I thought it was always coming from, then where else could it come from?
I don't see much difference between this user's sign-in logs and others. However, it does say that he uses Windows Hello for Business and others don't.
I don't see much difference between this user's sign-in logs and others. However, it does say that he uses Windows Hello for Business and others don't.
That's likely because the user is on a Azure AD joined device and leveraging the PRT to login - this method always counts as second-factor.
Yes. He is one of the few users we have whose laptop is managed by Intune and Azure AD joined.
Thanks