Forum Discussion
Setting Microsoft Authenticator as default
Hello,
We support multiple MFA methods Authenticator app, text, call.
Is there a way to set Microsoft Authenticator as the default MFA Method and do not allow users to "delete/remove" it?
JamesRV Hi, you can choose the available options in the MFA service settings Configure Azure AD Multi-Factor Authentication - Azure Active Directory | Microsoft Docs
And you also have the preview Passwordless sign-in with the Microsoft Authenticator app - Azure Active Directory | Microsoft Docs
ChristianBergstrom
Thank you for your response. I do know how to enable MFA methods.
We are trying to see if we can "Force Authenticator as a method that cannot be removed."When you have multiple options available like authenticator/text/phone call the user can "delete/remove" authenticator and use only text/phone.
We want to ensure that Authenticator is Always the primary and couple of other options as secondary.
I do not see any documentation to be able to do this.- Well, if you remove the other options under MFA service settings.
From the Preview link.
”Azure AD lets you choose which authentication methods can be used during the sign-in process. Users then register for the methods they'd like to use.”
You can always select the ”Use a password instead” link on the sign-in page to switch back to using your password, and the other way around.
https://docs.microsoft.com/en-us/azure/active-directory/user-help/user-help-auth-app-sign-in
