Registration campaign to set up Microsoft Authenticator
Microsoft is enabling a stronger form of multifactor authentication from 15th September onwards.
What this update is going to do:
This will disable the SMS and Call authentication and for the users who have it enabled.
When this prompt will be comes to register for Microsoft Authenticator
Users go through their regular sign-in, perform multifactor authentication as usual, and then get prompted to set up Microsoft Authenticator.
For how many times user can skip/snooze this:
This configuration can be skipping 3 times by the end user and after that they have to register for Microsoft Authenticator app. in order to use Multifactor Authentication.
What will be the impact?
Users who do not want to install the app. on their personal phones as it’s not the company phones.
What will be the solution in this case.
Solution is to disable this new update before it gets start giving prompt to end users.
How this can be disable:
1: We need to go to Microsoft Entra ID portal:
2: Please look to the below image for further understanding for enabling and disabling option:
Click on 3rd option to edit and there you will have 3 options:
- Microsoft managed: That setting allows Microsoft to set the default value to be either Enabled or Disabled. (Now its enabled)
- Enable: Enabling will enable the Microsoft authenticator for scoped users to register
- Disable: This will disable this feature and continue with legacy authentication method SMS & Call.
You can define the scope of Authentication Method: By default, it is set to all.
You can define the Group based or user-based scope for this new MFA authentication to take place.
Thank and Regards