cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Is it possible to Uncheck by default the "Don't ask again for X days"

kirillputryk
Copper Contributor

‎Mar 26 2021 02:25 AM

‎Mar 26 2021 02:25 AM

Is it possible to Uncheck by default the "Don't ask again for X days"

Helo,

We are setting up MFA with Microsoft 365 Standard licences, so we do not have lots of options. Still, is it possible to uncheck option to remember device by default? So user has to check it if needed?

Thank you

kirillputryk_0-1616750684793.png

 

Labels:
3,300 Views
0 Likes
5 Replies
Reply
5 Replies
ibnmbodji

‎Mar 26 2021 04:28 AM

‎Mar 26 2021 04:28 AM

Re: Is it possible to Uncheck by default the "Don't ask again for X days"

Hi if you uncheck the option in the main configuration
You will get this : Note: disabling this feature means that all users will be required to sign in using Multi-Factor Authentication, even if signing in from a previously-remembered device.

You should you conditionnal access tp have more options .
0 Likes
Reply
kirillputryk

‎Mar 26 2021 04:31 AM

‎Mar 26 2021 04:31 AM

Re: Is it possible to Uncheck by default the "Don't ask again for X days"

Hi, you are talking about service configuration - I do want let users to remember device fo 90 days, but I do not want this option to be checked as default, when they are logging in...
0 Likes
Reply
ibnmbodji

‎Mar 26 2021 04:39 AM

‎Mar 26 2021 04:39 AM

Re: Is it possible to Uncheck by default the "Don't ask again for X days"

It's not possible simply because they need to define for the first time what is their are trusted device . And checking the box mark the device as trusted .
See the part of the documentation below

Mark a device as trusted
After you enable the remember Multi-Factor Authentication feature, users can mark a device as trusted when they sign in by selecting the option for Don't ask again.

and the reference : https://docs.microsoft.com/EN-US/azure/active-directory/authentication/howto-mfa-mfasettings
0 Likes
Reply
kirillputryk

‎Mar 26 2021 04:45 AM

‎Mar 26 2021 04:45 AM

Re: Is it possible to Uncheck by default the "Don't ask again for X days"

I understand that. I want them to check trusted device (that is perfectly fine). But right now they have tu uncheck untrusted devices. So is it possible to setup default value "Uncheck" so users have to "Check"?
0 Likes
Reply
ibnmbodji

‎Mar 26 2021 05:08 AM

‎Mar 26 2021 05:08 AM

Re: Is it possible to Uncheck by default the "Don't ask again for X days"

In my opinion it's not possible since this option does'nt exist neither in MFA service settings nor in MFA user settings .They are supposed to authenticate with their corporate devices or the device that they plan to use for work . They still can disable their device and disconnect from all if there is an risk identified or a loss
0 Likes
Reply