You cannot control the default method, but each user can select the "I want to set up a different method" link and configure SMS as needed. You as an admin are prompted for 2 different methods because of SSRP requirements, which now use the same registration process as MFA. Thus, you can consider enabling all your users for SSPR too, and configure the methods for it via https://portal.azure.com/#view/Microsoft_AAD_IAM/PasswordResetMenuBlade/~/AuthenticationMethods
Office 365 | AzureAD | MFA | Is there place to to assign which method will show in the login secession after we set MFA to 'enforced' ?
Hi everyone,
Recently, My company have started to use Multi-Factor Authentication.
As a Global admin, I participate the setup of the MFA
In this programme we are planing on use {(Auth App) + (SMS Auth)} as two step Authentication.
I have tried my own Acc , it request me to sign-in (Auth App) + (SMS Auth) when I logged in (which is the correct condition we want).
But after I logged in to new testing acc with enforced status ,
It only request me to setup (Auth App) instead of {(Auth App) + (SMS Auth)} .
So my question is "Is there place to to assign which method will show in the login secession after we set MFA to 'enforced' ?"
I have searched for the related article but nothing useful to me.(may be I chose wrong key words.)
And also, apologize for my horrible English skill.
I believe that asking question in English community may have move information.
Thanks and regard.
love you guys
Ps.
The SMS auth is fine to sign-in in the security info but my users are kind of "uninitiative"
1 additional answer
Sort by: Most helpful
-
Tung Yeung 41 Reputation points
2022-12-01T08:12:07.703+00:00 Thanks for your quick reply.I have tried the sspr you mentioned and it worked well. Thanks a lot!