I'm planning on implementing Azure AD MFA with a conditional access policy.
I have gone through all the steps and have a good understanding on the process. However I have bit of a grey area where I like to get your thoughts on.
I have my Conditional Access Policy's Sign-in frequency setup to 2 hours for the test purposes
I have my user who is working as normal.
I send the user to register for MFA via the https://aka.ms/MFASetup URL and its successful.
Added the user to the pilot group where I have assigned the Conditional Access Policy to.
My question is - Will the user get the very 1st (initial) sign-in prompt 2 hours after they signed up for MFA?
Also I would like to clarify on how the timing works on an unmanaged device and an Azure AD registered device.