Home

MFA behaviour when logging on with Microsoft Hello

%3CLINGO-SUB%20id%3D%22lingo-sub-136321%22%20slang%3D%22en-US%22%3EMFA%20behaviour%20when%20logging%20on%20with%20Microsoft%20Hello%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-136321%22%20slang%3D%22en-US%22%3E%3CP%3EWhat%20is%20the%20expected%20behaviour%20when%20logging%20on%20to%20a%20Windows%2010%20PC%20with%20MS%20Hello%20switched%20on%20and%20the%20user%20MFA%20enabled%3F%20I%20user%20has%20found%20the%20following%20during%20testing.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20a%20user%20logs%20on%20using%20biometric%2C%20face%20or%20finger%20swipe%2C%20the%20user%20can%20sign%20into%20Office%20365%20without%20being%20prompted%20to%20authenticate%20with%20the%20MFA%20map%20or%20password%20required.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20the%20user%20reboots%20the%20PC%20and%20logs%20on%20using%20the%20PIN%20again%20the%20user%20can%20sign%20into%20Office%20365%20without%20being%20prompted%20to%20authenticate%20with%20the%20MFA%20map%20or%20password%20required.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20the%20user%20reboots%20the%20PC%20and%20logs%20on%20using%20their%20Office%20365%20password%20the%20user%20is%20prompted%20for%20MFA%20via%20the%20app.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-136321%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EMulti-Factor%20Authentication%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Richard McLean
Regular Visitor

What is the expected behaviour when logging on to a Windows 10 PC with MS Hello switched on and the user MFA enabled? I user has found the following during testing.

 

If a user logs on using biometric, face or finger swipe, the user can sign into Office 365 without being prompted to authenticate with the MFA map or password required.

 

If the user reboots the PC and logs on using the PIN again the user can sign into Office 365 without being prompted to authenticate with the MFA map or password required.

 

If the user reboots the PC and logs on using their Office 365 password the user is prompted for MFA via the app.

 

 

Related Conversations