"Your organization needs more information to keep your account secure" upon sign in

Copper Contributor

I've been trying to get an organization over to Azure AD from an on-premise server. After Azure AD joining the computers and attempting a sign-in, it seems all users are greeted with the typical "Use your fingerprint" and Windows Hello screens. After getting past those two screens, they are met with the "Your organization needs more information to keep your account secure" screen. I have checked that the Security Defaults are disabled in Azure as well as SSPR. I also checked to make sure that MFA is disabled for all accounts.

 

Thanks!

3 Replies
If the account has admin permissions in O365/Azure AD, he will still need to go over the process. Other than that, you've covered the basics. Check for Azure AD Identity protection driven MFA registration too.
Thank you for the recommendations! I have had the time to check the Identity protection section, however, this particular client does not have Azure AD Premium P2. I'm guessing that nothing from this would be affecting the users if we don't have access to the feature. Is there anything else that could be forcing this?

I also realized that I was testing primarily with Global Administrators, so I took the liberty to test with a normal-access user. They were also getting the MFA prompt.

If I can't get around the Global Admins being forced to set up MFA, I am fine with that, but I definitely need to find a resolution for the normal users.

Thank you again for your help!
Since you mentioned Azure AD join, are you forcing MFA as part of this process? Check the relevant setting under Azure AD blade > Devices > Device settings.