MFA 14 days grace period

Brass Contributor

is there any other options apart from below two ?


As mentioned, for the 14 day grace period to apply to users when registering for MFA, there are two ways to achieve this. One way would be to enable Security Defaults which would enable MFA for the entire tenant. This option does not need additional licenses and can be enabled from the AAD portal. For more information on SD, please refer to
The second option would be to enable the AAD MFA Registration Policy. To do this, you would require Identity Protection, which is included within the AAD Premium P2 licenses. This policy will apply to Conditional Access Policies. For more information on this, please refer to


The GitHub Azure Docs forum that discusses this is within the following site
2 Replies
For the grace period? Only these two AFAIK.



We have a CA for all users -MFA Enabled

Also Azure P2 

Again IP - Policy enforcement Enabled. 


but no 14-day grace period?