Mar 25 2019
07:40 AM
- last edited on
Jan 14 2022
05:20 PM
by
TechCommunityAP
Mar 25 2019
07:40 AM
- last edited on
Jan 14 2022
05:20 PM
by
TechCommunityAP
Hi all,
We have an Azure APP that we want to always ask for MFA code. This is a sensitive app that requires connecting from outside our LAN.
Right now, our service settings is set to allow users to remember MFA on devices they trust for 30 days.
I need to bypass this and force the users to always enter credentials every time they login to the app.
Is there a way to do that?
Thanks, Rahamim.
Mar 25 2019 12:42 PM
Afaik you cannot. @Daniel Stefaniak was just discussing a similar scenario on another board, perhaps he can tune in here as well.
Mar 25 2019 02:08 PM
@VasilMichev
in genera prompts are bad for security:
https://duo.com/blog/usability-is-security-the-future
https://duo.com/blog/part-1-usability-is-security. We will not let you compromise your security posture by breaking fundamentals of SSO
Mar 25 2019 09:06 PM
Mar 26 2019 11:28 PM
Solution@RahamimL you can set MFA policies per app if you have Azure AD P1/P2 using conditional access. However, AFAIK it can not be used to overrule the "remember MFA for 30 days".
Jan 06 2022 07:09 AM
Jan 08 2022 11:18 PM
Mar 26 2019 11:28 PM
Solution@RahamimL you can set MFA policies per app if you have Azure AD P1/P2 using conditional access. However, AFAIK it can not be used to overrule the "remember MFA for 30 days".