cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Home

[FIXED] How to prevent sign in page from asking new users for additional security verification

%3CLINGO-SUB%20id%3D%22lingo-sub-999249%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-999249%22%20slang%3D%22en-US%22%3EAre%20you%20enrolling%20them%20into%20Intune%3F%3CBR%20%2F%3E%3CBR%20%2F%3EIf%20so%2C%20you%20should%20disable%20Windows%20Hello%20for%20Business.%3CBR%20%2F%3EIntune%20-%20Device%20Enrollment%20-%20Windows%20-%20Hello%20for%20BUsiness-%20put%20it%20to%20disabled.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-999378%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-999378%22%20slang%3D%22en-US%22%3ESo%20you%20are%20trying%20to%20log%20into%20the%20new%20account%20page%3F%3CBR%20%2F%3EThat's%20where%20you%20are%20getting%20MFA%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-999389%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-999389%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F186539%22%20target%3D%22_blank%22%3E%40Thijs%20Lecomte%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20trying%20to%20log%20in%20on%20the%20page%20I%20showed%20in%20my%20screenshot%20above%2C%20Windows%2010%20settings.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ealso%20MFA%20is%20disabled%20for%20all%20my%20accounts%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F156080iA4CEF2C4CA1B0744%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Annotation%202019-11-11%20133548.png%22%20title%3D%22Annotation%202019-11-11%20133548.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20style%3D%22width%3A%20643px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F156073iF3524A44DEDD0492%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Annotation%202019-11-11%20130839.png%22%20title%3D%22Annotation%202019-11-11%20130839.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-999363%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-999363%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F186539%22%20target%3D%22_blank%22%3E%40Thijs%20Lecomte%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EI%20did%20what%20you%20suggested%20but%20it's%20still%20asking%20for%20phone%20number.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F156094i1313FD365B339F21%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22fgsdf.png%22%20title%3D%22fgsdf.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethe%20user%20I%20created%20is%20a%20normal%20(non-Administrator)%20user%20and%20%3CA%20href%3D%22https%3A%2F%2Faad.portal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FPasswordReset%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Epassword%20reset%20self%20service%3C%2FA%3E%20is%20set%20to%20%22none%22.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20using%20the%26nbsp%3BMicrosoft%20365%20Business%20Trial.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethe%20Windows%2010%20that%20I%20am%20trying%20to%20sign%20in%20into%20has%20already%20a%20local%20administrator%20(an%20outlook.com%20personal%20account).%3C%2FP%3E%3CP%3Ealso%20I%20am%20using%20Windows%2010%20insider%20fast%20ring%20build%2019018.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ethis%20is%20where%20I%20am%20trying%20to%20sign%20in.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F156110i1F28C27AFDAD1D05%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Annotation%202019-11-11%20142639.png%22%20title%3D%22Annotation%202019-11-11%20142639.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-999529%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-999529%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F310193%22%20target%3D%22_blank%22%3E%40HotCakeX%3C%2FA%3E%26nbsp%3Bthis%20could%20be%20either%20Security%20Defaults%20(%3CSPAN%3ESee%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Faka.ms%2Fsecuritydefaults%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CSPAN%3Ehttps%3A%2F%2Faka.ms%2Fsecuritydefaults%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E%26nbsp%3Bfor%20more%20info)%20or%20Azure%20AD%20%26gt%3B%20Conditional%20Access%20(unlikely%20if%20you%20have%20not%20configured%20this).%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EAlso%20look%20in%20Azure%20AD%20%26gt%3B%20Sign%20Ins%20and%20look%20at%20the%20logins%2C%20click%20on%20Conditional%20Access%20and%20it%20will%20say%20if%20any%20policies%20were%20applied.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EAlso%20FYI%20that%20page%20which%20shows%20if%20MFA%20enable%20or%20no%20always%20shows%20disabled%20if%20MFA%20is%20enforced%20through%20either%20of%20the%20above%20methods.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-999600%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-999600%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3CBR%20%2F%3Ethank%20you%2C%20that%20FYI%20is%20also%20very%20helpful%3CBR%20%2F%3E%3CBR%20%2F%3Ein%20my%20AAD%20sign-ins%2C%20I%20get%20this%3CBR%20%2F%3E%22To%20see%20sign-in%20data%2C%20upgrade%20your%20organization's%20subscription%20to%20include%20Azure%20AD%20P1%20or%20P2.%20Your%20current%20license%20status%3A%20Azure%20AD%20Free%22%3CBR%20%2F%3EI%20activated%20E5%20enterprise%20plan%20trial%20and%20now%20I%20can%20see%20the%20list%2C%20in%20the%20conditional%20access%20column%2C%20it%20says%20%22not%20applied%22%2C%20for%20all%20of%20them%3CBR%20%2F%3E%3CBR%20%2F%3Ealso%20in%20the%20ADD%20conditional%20access%2C%20all%20of%20them%20are%20off.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eis%20it%20possible%20that%20Windows%20insider%20program%20has%20something%20to%20do%20with%20this%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-998301%22%20slang%3D%22en-US%22%3E%5BFIXED%5D%20How%20to%20prevent%20sign%20in%20page%20from%20asking%20new%20users%20for%20additional%20security%20verification%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-998301%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3EUpdate%3A%3C%2FSTRONG%3E%20thanks%20for%20all%20the%20suggestions%2C%20I%20figured%20out%20it%20was%20the%20Windows%20insider%20that%20was%20causing%20it.%3C%2FP%3E%3CP%3Ewhen%20I%20installed%20Windows%2010%20build%201909%20on%20a%20Hyper-V%20VM%20and%20signed%20into%20it%20during%20installation%20using%20AAD%2C%20i%20was%20not%20asked%20to%20provide%20phone%20number.%3C%2FP%3E%3CP%3Eit%20was%20also%20a%20new%20user%20that%20I%20created%20with%20no%20admin%20rights.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20trying%20to%20build%20an%20AAD-based%20environment%2C%20created%20few%20users%20with%20standard%20rights%20(non-administrators).%20when%20I%20go%20to%20one%20of%20my%20Windows%2010%20machines%20and%20try%20to%20join%20it%20to%20AAD%20using%20work%2Fschool%20account%2C%20after%20entering%20Email%20and%20password%2C%20I'm%20presented%20with%20this%20screen%20asking%20for%20phone%20number%20and%20verification.%20I'm%20looking%20for%20a%20way%20to%20stop%20it%20from%20appearing.%3C%2FP%3E%3CP%3Ethere%20is%20another%20option%20in%20that%20drop%20down%20menu%20that%20is%20for%20using%20authenticator%20app%20to%20receive%20codes%20but%20I%20want%20to%20entirely%20disable%20this%20%22additional%20security%20verification%22%20for%20the%20users%20I%20create%20in%20my%20ADD.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F155994i71A7DF8370C7CEDD%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Untitled.png%22%20title%3D%22Untitled.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-998301%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
HotCakeX
HotCakeX
Respected Contributor

‎11-10-2019 05:32 AM - edited ‎11-13-2019 07:24 AM

‎11-10-2019 05:32 AM - edited ‎11-13-2019 07:24 AM

[FIXED] How to prevent sign in page from asking new users for additional security verification

Update: thanks for all the suggestions, I figured out it was the Windows insider that was causing it.

when I installed Windows 10 build 1909 on a Hyper-V VM and signed into it during installation using AAD, i was not asked to provide phone number.

it was also a new user that I created with no admin rights. 

 

I'm trying to build an AAD-based environment, created few users with standard rights (non-administrators). when I go to one of my Windows 10 machines and try to join it to AAD using work/school account, after entering Email and password, I'm presented with this screen asking for phone number and verification. I'm looking for a way to stop it from appearing.

there is another option in that drop down menu that is for using authenticator app to receive codes but I want to entirely disable this "additional security verification" for the users I create in my ADD. 

 

Untitled.png

 

168 Views
0 Likes
6 Replies
Reply
6 Replies
Thijs Lecomte

‎11-11-2019 02:14 AM

‎11-11-2019 02:14 AM

Re: How to prevent sign in page from asking new users for additional security verification

Are you enrolling them into Intune?

If so, you should disable Windows Hello for Business.
Intune - Device Enrollment - Windows - Hello for BUsiness- put it to disabled.
0 Likes
Reply
HotCakeX

‎11-11-2019 02:57 AM - edited ‎11-11-2019 03:12 AM

‎11-11-2019 02:57 AM - edited ‎11-11-2019 03:12 AM

Re: How to prevent sign in page from asking new users for additional security verification

@Thijs Lecomte 

Hi,

I did what you suggested but it's still asking for phone number.

 

fgsdf.png

 

the user I created is a normal (non-Administrator) user and password reset self service is set to "none".

 

I'm using the Microsoft 365 Business Trial.

 

the Windows 10 that I am trying to sign in into has already a local administrator (an outlook.com personal account).

also I am using Windows 10 insider fast ring build 19018.

 

this is where I am trying to sign in.

 

Annotation 2019-11-11 142639.png

 

0 Likes
Reply
Thijs Lecomte

‎11-11-2019 03:02 AM

‎11-11-2019 03:02 AM

Re: How to prevent sign in page from asking new users for additional security verification

So you are trying to log into the new account page?
That's where you are getting MFA?
0 Likes
Reply
HotCakeX

‎11-11-2019 03:09 AM

‎11-11-2019 03:09 AM

Re: How to prevent sign in page from asking new users for additional security verification

@Thijs Lecomte 

I'm trying to log in on the page I showed in my screenshot above, Windows 10 settings.

 

also MFA is disabled for all my accounts

 

Annotation 2019-11-11 133548.png

 

Annotation 2019-11-11 130839.png

 

0 Likes
Reply
Highlighted
CloudHal

‎11-11-2019 04:55 AM

‎11-11-2019 04:55 AM

Re: How to prevent sign in page from asking new users for additional security verification

@HotCakeX this could be either Security Defaults (See https://aka.ms/securitydefaults for more info) or Azure AD > Conditional Access (unlikely if you have not configured this).

Also look in Azure AD > Sign Ins and look at the logins, click on Conditional Access and it will say if any policies were applied.

Also FYI that page which shows if MFA enable or no always shows disabled if MFA is enforced through either of the above methods.

0 Likes
Reply
HotCakeX

‎11-11-2019 05:53 AM - edited ‎11-11-2019 05:57 AM

‎11-11-2019 05:53 AM - edited ‎11-11-2019 05:57 AM

Re: How to prevent sign in page from asking new users for additional security verification

Hi,
thank you, that FYI is also very helpful

in my AAD sign-ins, I get this
"To see sign-in data, upgrade your organization's subscription to include Azure AD P1 or P2. Your current license status: Azure AD Free"
I activated E5 enterprise plan trial and now I can see the list, in the conditional access column, it says "not applied", for all of them

also in the ADD conditional access, all of them are off.

 

is it possible that Windows insider program has something to do with this?

0 Likes
Reply
Related Conversations
Tabs and Dark Mode
 cjc2112 in Discussions on 09-18-2019
46 Replies
Security Community Webinars
 Valon_Kolica in Security, Privacy & Compliance on 10-22-2019
13 Replies
flashing a white screen while open new tab
 Deleted in Discussions on 10-05-2019
14 Replies
Extentions Synchronization
 Deleted in Discussions on 11-13-2019
3 Replies
Stable version of Edge insider browser
 HotCakeX in Discussions on 10-12-2019
35 Replies
The announcement regarding self-service purchase capabilities for Power Platform products??
 Kelly E in Office 365 on 10-21-2019
64 Replies