Forum Discussion

Jtaber's avatar
Jtaber
Copper Contributor
Apr 16, 2020

Standard users not getting SMS as an MFA verification option - Only getting App

My users get an error: Additional security verification Mobile app verification option is not enabled for your organization. Contact your IT admin. My global admin can setup SMS verification no probl...
Azure Active Directory (AAD)
Identity Management
microsoft 365
Jtaber's avatar
Jtaber
Copper Contributor

VasilMichev,

Thanks for the quick reply.  I've toggled this off and now my users have the option to use a phone after I enable MFA for them individually.

I'd prefer to keep best practices (IE: Default Security) but this instance forces me to disable it so that I can toggle on SMS for a user without a smart phone - YUP - I found someone that seriously doesn't have a smart phone.   🙂

That being said, and I'd like to maintain default security for them.  Is there any suggestions or resources you may direct me to for best practices that I may read or educate myself with for current best practices?

 

Thanks again for the quick response - this was very helpful.

 

John

 

VasilMichev's avatar
VasilMichev
MVP
Apr 17, 2020

The article above details which settings exactly the "security defaults" configure. They are mostly intended for smaller shops, and as long as you have Azure AD P1 or equivalent licenses, you can ignore them and configure Conditional access policies instead, which give you a lot more flexibility.

Resources