Hello all,
I'm not sure if this question is related to SSPR or MFA behavior.
Scenario: MFA is mandatory in our environment: alternatively telephone call or message, Authenticator and security questions have to be filled
We have to fill the form with 5 answers.
Users with security questions already set, sometimes can't access on o365 or onedrive. It seems that the answers expire.
Only allowed way to continue for the users is to replace all 5 answers.
For the moment, I don't find any event that trigger this kind of behavior: The users affected did not change hardware or their domain password.
And in official MS docs https://support.microsoft.com/en-us/account-billing/set-up-security-questions-as-your-verification-method-3d74aedd-88a5-4932-a211-9f0bfbab5de8 I've not found out yet any clues about the expiration date of those answers.
Can anyone please tell me if security questions expire?
If there is no expiration date, what does force the user to change the 5 mandatory answers?
Thank you in advance!