How to disable the two factor authentication from single user.

asked 2020-09-21T15:08:20.723+00:00
Ashwin Barfa 21 Reputation points

Hi,
We are using SharePoint. And we would like to disable the two factor authentication for only one or two users.
Thanks in Advance

Microsoft Office Online Server
Microsoft Office Online Server
Microsoft on-premises server product that runs Office Online. Previously known as Office Web Apps Server.
365 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
5,976 questions
{count} votes

Accepted answer
  1. answered 2020-09-22T05:56:50.02+00:00
    Emily Du-MSFT 24,291 Reputation points Microsoft Employee

    @Ashwin Barfa
    Go to Microsoft 365 admin center -> Users -> Active users -> Select the user -> Manage multifactor authentication -> Select the user -> Disable multi-factor authentication.
    26343-1.png
    26365-2.png


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


7 additional answers

Sort by: Most helpful
  1. answered 2020-09-21T16:14:57.46+00:00
    Vasil Michev 61,446 Reputation points Microsoft MVP

    Well, how are you enforcing two-factor authentication for your users?

    No comments

  2. answered 2022-09-16T18:27:15.063+00:00
    George Chrysovalantis Grammatikos 371 Reputation points Microsoft MVP

    Hi @Jan Erik Bolz ,

    It is important to know that MFA is not recommended to be disabled on user accounts.
    In response to your query, you can disable MFA by following the below PowerShell code:

    Connect-MsolService

    • Get the StrongAuthenticationRequirement configured to the user account

    (Get-MsolUser -UserPrincipalName account@keyman .com).Strong

    • Remove StrongAuthenticationRequirements from the user account

    $mfa = @()
    Set-MsolUser -UserPrincipalName account@keyman .com -StrongAuthenticationRequirements $mfa

    • Verify MFA has been removed

    (Get-MsolUser -UserPrincipalName account@keyman .com).StrongAuthenticationRequirements

    $User = Get-MSolUser -UserPrincipalName account@keyman .com
    $User.StrongAuthenticationMethods

    And you can also try to do this through the Azure Portal and account portal:

    https://portal.azure.com/
    https://account.activedirectory.windowsazure.com/

    I would also suggest to Revoke multifactor authentication sessions and Revoke sessions for the user account.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it.

    No comments

  3. answered 2022-09-15T09:58:55.18+00:00
    Jan Erik Bolz 6 Reputation points

    I have the same issue: Despite the MFA is deactivaed in Admin Center for a specific user, when loggin into OWA with the same user, there is still a 2nd factor neccessary.

    How to disable that? Thanks for help!

    No comments

  4. answered 2022-09-15T02:21:55.153+00:00
    Melida Kacapor 1 Reputation point

    Hi I have a user and in the settings its displayed that the 2FA is disabled but when im trying to sign in its still requesting.
    Please help.

    No comments