Forum Discussion
New MFA registration alerts (LACK THEREOF)
We have serious concerns with M365 and Azure MFA functionality, it's not secure and prone to compromise. No matter what we do, eventually, at least one user will fall into the trap of registering an MFA method via a nefarious e-mail and allow access to their account. All other MFA providers, i.e. Duo and OKTA among others, offer notifications for all new MFA registrations. There is no feature like this with M365 or Azure, Entrada ID. This seems to be like something that is absolutely necessary at a fundamental level, just like notifying any time a user changes their password. Why does Microsoft not offer new MFA registration alerts? Passively searching audit logs not good practice for realtime authentication, is impossible to maintain security this way and naively dangerous. Does anyone know of a method to actively alert any time an account registers a new authentication method or is there one that I just haven't discovered yet?
See whether this can let you more understand on Microsoft security offers:
Passwordless authentication | Microsoft Security