SOLVED

Users asked for 2nd MFA method

Iron Contributor

Hi there,

starting today a couple of users reported that, seemingly out of the blue, they're being asked to configure a second method for their MFA setup. For example, if a user has configured to to use MSFT Authenticator app, he will be asked to provide an additional method. This doesn't seem to be widespread yet and we couldn't reproduce thus far.

 

Perhaps someone of you knows what could be causing this.

 

Thanks.

3 Replies

@colonel_claypoo 

Any changes from your tenant, like security defaults, conditional access and MFA?

best response confirmed by colonel_claypoo (Iron Contributor)
Solution
Hello @colonel_claypoo
There are several reasons why users may be prompted to configure a second MFA method. Here are a few possible explanations:

1. Changes in security settings or policies: It's possible that an administrator recently updated the security settings or policies for your organization, requiring users to have a second MFA method configured. Check with your organization's administrators to see if any changes were made to the security settings.

2. Conditional Access policies: If your organization uses Azure Active Directory (Azure AD) and has set up Conditional Access policies, users might be prompted to provide additional authentication methods based on certain conditions (e.g., logging in from an unfamiliar location or device). Review your Conditional Access policies to see if any changes were made recently.

3. User settings: Users might have accidentally triggered the prompt for a second MFA method by changing their own security settings. Instruct the affected users to review their security settings and ensure they are correctly configured.

4. Software update: Microsoft occasionally rolls out updates to Azure AD and its security features. It's possible that a recent update has caused the prompt for a second MFA method. Keep an eye on the Azure AD release notes and announcements for any changes that could have affected MFA.

5. Potential security threat: If the prompt for a second MFA method is unexpected and cannot be traced back to any changes in policies or settings, it could be a sign of a potential security threat. In this case, it's essential to investigate the issue thoroughly and ensure that the affected users' accounts are secure.

To diagnose and resolve the issue, start by checking your organization's security settings and policies, as well as any recent changes to Azure AD or Conditional Access policies. If the problem persists, consider reaching out to Microsoft Support for further assistance.
Thanks. So it seems that two things were changed.
1. Number of auth methods when re-confirmation of methods is triggered (from one to two)
2. The number of days until asked to do so was decreased.
1 best response

Accepted Solutions
best response confirmed by colonel_claypoo (Iron Contributor)
Solution
Hello @colonel_claypoo
There are several reasons why users may be prompted to configure a second MFA method. Here are a few possible explanations:

1. Changes in security settings or policies: It's possible that an administrator recently updated the security settings or policies for your organization, requiring users to have a second MFA method configured. Check with your organization's administrators to see if any changes were made to the security settings.

2. Conditional Access policies: If your organization uses Azure Active Directory (Azure AD) and has set up Conditional Access policies, users might be prompted to provide additional authentication methods based on certain conditions (e.g., logging in from an unfamiliar location or device). Review your Conditional Access policies to see if any changes were made recently.

3. User settings: Users might have accidentally triggered the prompt for a second MFA method by changing their own security settings. Instruct the affected users to review their security settings and ensure they are correctly configured.

4. Software update: Microsoft occasionally rolls out updates to Azure AD and its security features. It's possible that a recent update has caused the prompt for a second MFA method. Keep an eye on the Azure AD release notes and announcements for any changes that could have affected MFA.

5. Potential security threat: If the prompt for a second MFA method is unexpected and cannot be traced back to any changes in policies or settings, it could be a sign of a potential security threat. In this case, it's essential to investigate the issue thoroughly and ensure that the affected users' accounts are secure.

To diagnose and resolve the issue, start by checking your organization's security settings and policies, as well as any recent changes to Azure AD or Conditional Access policies. If the problem persists, consider reaching out to Microsoft Support for further assistance.

View solution in original post