Share via

Change default MFA verification method for new users

Stavros 40 Reputation points
2023-03-27T22:05:21.9766667+00:00

Ever since combined registration for MFA and SSPR was enabled for our tenant, Microsoft Authenticator has become the default verification method for new users. I was wondering if there is a way to change this and make Phone being the default verification method, while allowing Microsoft Authenticator as an alternative.

MicrosoftTeams-image

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Authenticator
0 comments
Answer accepted by question author
  1. Vasil Michev 123.7K Reputation points MVP Volunteer Moderator
    2023-03-28T07:23:58.4833333+00:00

    There is no way currently to configure a default method, as long as multiple methods are enabled the user can select/use any of them. The preference for Authenticator is due to Security defaults, and similarly we now have the "system-preferred" policy as detailed here: https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-system-preferred-multifactor-authentication

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.