Forum Discussion
MFA Authentication Method - Displays previously removed mobile number on password reset request
Hi, Rob.
The number shown in Azure Active Directory and downstream systems like Exchange, Outlook, etc. is not the same as the MFA phone number, so it's quite possible to see one set of numbers when checking MFA and another altogether (or even none) when a user's looking at something like Teams or Outlook.
It's possible that the number has originated from Active Directory - if you're a hybrid customer using AAD Connect; that someone's punched it into the Azure AD user object; or even the user themselves added it to their profile via entry points such as Delve (which is what you get booted into when choosing Office 365 Profile from the avatar menu on the Office 365 landing page".
Unfortunately, there's lots of places that hold competing values - such as for mobile - and it's not possible to set one as the "source of truth". This frequently manifests (again, for just the subset of attributes known as "shadow attributes" this scenario applies to) as playing whack-a-mole when you're trying to update what users see versus what administrators see.
It's also worth noting that once updated, it can still take quite some time for changes to such attributes to propagate between systems. My rule of thumb for many things in Office 365 these days is "give it a day".
Welcome to Office 365 and Azure.
Cheers,
Lain