Forum Discussion

dbetlow's avatar
dbetlow
Iron Contributor
Feb 27, 2018
Solved

Report on users with MFA Enabled

We are not currently enforcing MFA for all users, but have sent out instructions to allow users to self-enroll in MFA (http://aka.ms/MFASetup).  Looking at the status of users who I know have enabled...
Azure Active Directory (AAD)
  • Pablo R. Ortiz's avatar
    Pablo R. Ortiz
    Feb 28, 2018

    No, your users are not enabling MFA for themselves by using those URLs, That's a fact. You may have some other configuration going on.

Colin Kness's avatar
Colin Kness
Copper Contributor
Apr 26, 2018

It is not approved Microsoft process to pre publish the 2fa web page for the user to fill out.  You will notice the apppassword tab is missing as when till enabled.  I have found if users prefill out this form there is a problem in the 2factor process.  I need to reset all users that pre filled out form.  The hole process of enable and auto enforce makes the 2 factor process very difficult to role out. The app password on the phone is the hardest for people to understand as well.  You have no idea how long it will take to use the new app password on the phone.  Also the tab for app passwords does not even look like a tab and is often over looked by end users.  The visibility into the whole process is a complete different experience form Duo, reports  what reports !   Microsoft = NO reports of value... with out PowerShell. 

Jason Simotas's avatar
Jason Simotas
Copper Contributor
Jul 28, 2018

couldn't agree more with Colin

Colin Kness wrote:

The app password on the phone is the hardest for people to understand as well.  You have no idea how long it will take to use the new app password on the phone.  Also the tab for app passwords does not even look like a tab and is often over looked by end users.  

 

Resources