Mar 16 2020 02:30 PM
Dear community members,
We've created a free MS Teams group. After a while the login process started to force two factor authentication. It can be delayed for 14 days. I would like to switch that off completely for the whole group, because (1) there is nothing sensitive in the group from security point of view (classroom team) and (2) many of the members had problems with the registration which will now become even harder with the two factor authentication.
Thank you for any hints, help!
Mar 31 2020 12:16 AM
Mar 31 2020 01:24 AM
SolutionThat's not two-factor auth, that's the registration feature for SSPR/MFA: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr...
You can toggle the corresponding policies via the Azure AD portal: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/PasswordReset
Apr 01 2020 01:48 PM
@Vasil Michev, thank you for the answer! The trick was to switch off "Security defaults".
Apr 10 2020 02:24 AM
@Lazar3bSame problem here. Where can we find the switch off "Security defaults" option?
Apr 15 2020 11:48 PM
@almeidap , sign in and use the portal.azure link given above. On the top of the page in the navigation bar click the name of your group, then select "Properties" from the menu on the left. In the bottom of the page click "Manage security defaults" link, which opens the "Enable Security defaults" toggle on the right.
Seems like they intentionally made this more complex then it should be...
Dec 02 2020 04:46 AM
Disable MFA for organization
Aug 15 2023 01:49 PM
@Vasil Michev Microsoft required me to type in my phone number after registering this work email. I could not type in the office number as it has an extension. So, I had to use my cell. This account is accessed by multiple people. I just want to make sure that they can access it without asking me for a code.
Mar 31 2020 01:24 AM
SolutionThat's not two-factor auth, that's the registration feature for SSPR/MFA: https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr...
You can toggle the corresponding policies via the Azure AD portal: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/PasswordReset