Forum Discussion
Robin_Poulose
Feb 23, 2022Brass Contributor
MFA 14 days grace period
is there any other options apart from below two ?
As mentioned, for the 14 day grace period to apply to users when registering for MFA, there are two ways to achieve this. One way would be to enable Security Defaults which would enable MFA for the entire tenant. This option does not need additional licenses and can be enabled from the AAD portal. For more information on SD, please refer to https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults.
The second option would be to enable the AAD MFA Registration Policy. To do this, you would require Identity Protection, which is included within the AAD Premium P2 licenses. This policy will apply to Conditional Access Policies. For more information on this, please refer to https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy.
The GitHub Azure Docs forum that discusses this is within the following site https://github.com/MicrosoftDocs/azure-docs/issues/43034.
- For the grace period? Only these two AFAIK.
- AusSupport180Brass Contributor
We have a CA for all users -MFA Enabled
Also Azure P2
Again IP - Policy enforcement Enabled.
but no 14-day grace period?