Apr 17 2020 03:43 PM - last edited on Nov 09 2023 11:10 AM by
When I visit Azure Active Directory -> Users -> Multi-Factor Authentication, our initial accounts show "Multi-Factor Auth Status" as "Disabled", but we are seeing MFA prompts. I find it confusing that something shows "disabled" that is really turned on somehow??? Is there more than one type of MFA?
We just received a trial for G1 as part of building a use case for moving to Office 365. I setup the tenant space by confirming our identity and I am a Global Administrator. I was prompted to setup MFA on my second logon, but I don't recall being offered any option other than text message. My understanding is that I had to turn on MFA for our accounts so I just setup SMS to get logged on the second time.
Dec 14 2022 03:34 PM
Apr 20 2023 05:17 PM
@LibraryITGuy I found the Password Reset was "selected" to all users in our company, maybe it causes the MFA prompts even if it shows Disabled in the M365 admin portal. The security default is disabled.
Another issue is, if the user lost his mobile phone and need to reset MFA, where should I reset it ? Usually, I set it in the M365 MFA portal ->Manage user settings-> ticked all the three selections, and then save.
" Require selected users to provide contact methods again
Delete all existing app passwords generated by the selected users
Restore multi-factor authentication on all remembered devices "
But now I got the error:
"MFA methods can’t be removed for the currently signed-in user account. Please visit https://aka.ms/mysecurityinfo for self operations." The url redirects to my account profile->security info. I know that I can delete the MFAed device, while if I already lost my mobile phone, how can I login to my account to do that by myself?
Jul 06 2023 08:54 AM
@Germaum thank you a lot! Worked perfectly.
Mar 09 2024 08:55 AM - edited Mar 09 2024 08:56 AM
@LibraryITGuy- this was a great help, I was going crazy with this login loop issue, I'm an admin as well as a user so I think since I was set for MFA automatically (?) this started acting up as soon as I migrated to Win 11 for some reason. Removing MFA on my login made no difference until I tried your solution.
Anyone trying this solution be aware it can take quite a few minutes to take effect.
Mar 12 2024 07:18 AM