Why was I forced to conduct a Review of my Security Info?

James M. Arthurs 51 Reputation points
2023-05-22T20:28:31.92+00:00

My non-elevated account was forced to go through a "User reviewed security info" activity when logging in over the weekend, and my manager was also forced to go through it on Monday. A review of our Audit Logs doesn't show any other users having to conduct this review.

Is there a configuration that controls when a user must conduct this kind of review? We've had Azure for several years and this is the first time I recall having to do this.

Management would like to know if we have the ability to control how frequently this event occurs or what parameters trigger it.

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

Accepted answer
  1. JamesTran-MSFT 36,541 Reputation points Microsoft Employee
    2023-05-24T22:57:23.59+00:00

    @James M. Arthurs

    Thank you for the detailed response on this!

    From your current workflow and screenshots, I believe your issue might be related to the new Combined Registration experience. This is now the default MFA and SSPR registration experience for all organizations, as of Mar. 14th, 2023, which could explain why you were recently required to review your security info. For more info.

    Interrupt mode:

    The following are sample scenarios where users might be prompted to register or refresh their security info:

    • Multifactor authentication registration enforced through Identity Protection: Users are asked to register during sign-in. They register multifactor authentication methods and SSPR methods (if the user is enabled for SSPR).
    • Multifactor authentication registration enforced through per-user multifactor authentication: Users are asked to register during sign-in. They register multifactor authentication methods and SSPR methods (if the user is enabled for SSPR).
    • Multifactor authentication registration enforced through Conditional Access or other policies: Users are asked to register when they use a resource that requires multifactor authentication. They register multifactor authentication methods and SSPR methods (if the user is enabled for SSPR).
    • SSPR registration enforced: Users are asked to register during sign-in. They register only SSPR methods.
    • SSPR refresh enforced: Users are required to review their security info at an interval set by the admin. Users are shown their info and can confirm the current info or make changes if needed.

    Findings:

    When it comes to modifying the feature to change the frequency of when registered users are prompted to re-confirm their existing authentication information, you should be able to do this by changing your current SSPR Policy. However, please keep in mind that as a Global Admin your user will be adhering to a separate two-gate password reset policy that can't be changed.

    I hope this helps!

    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.


    If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
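
Added example (not part of the original answer, and not Microsoft's code): one way to check an exported audit log for the "User reviewed security info" activity and measure the gap between a user's consecutive reviews, so it can be compared with the re-confirmation interval set in the SSPR policy. It assumes the export is a JSON array shaped like Microsoft Graph `directoryAudit` records; the users, timestamps and the unrelated record are constructed sample data.

```python
import json
from collections import defaultdict
from datetime import datetime

ACTIVITY = "User reviewed security info"  # activity name quoted in the question

# Constructed sample: users, timestamps and the unrelated record are made up.
# Field names follow the Microsoft Graph directoryAudit resource (assumed export shape).
SAMPLE_EXPORT = json.dumps([
    {"activityDisplayName": ACTIVITY, "activityDateTime": "2023-05-20T14:03:11Z",
     "initiatedBy": {"user": {"userPrincipalName": "alice@contoso.example"}}},
    {"activityDisplayName": "Update user", "activityDateTime": "2023-05-21T10:00:00Z",
     "initiatedBy": {"user": None, "app": {"displayName": "Sync app"}}},
    {"activityDisplayName": ACTIVITY, "activityDateTime": "2023-05-22T08:15:00Z",
     "initiatedBy": {"user": {"userPrincipalName": "bob@contoso.example"}}},
    {"activityDisplayName": ACTIVITY, "activityDateTime": "2022-11-21T09:00:00Z",
     "initiatedBy": {"user": {"userPrincipalName": "alice@contoso.example"}}},
])


def review_events(export_json, activity=ACTIVITY):
    """Return {userPrincipalName: sorted review datetimes} for the given activity."""
    by_user = defaultdict(list)
    for rec in json.loads(export_json):
        if rec.get("activityDisplayName") != activity:
            continue
        user = (rec.get("initiatedBy") or {}).get("user") or {}
        upn = user.get("userPrincipalName") or "<unknown>"
        # Second precision is enough; slicing drops fractional seconds and the zone suffix.
        when = datetime.strptime(rec["activityDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
        by_user[upn].append(when)
    return {upn: sorted(times) for upn, times in by_user.items()}


def days_between_reviews(events):
    """Whole days between consecutive reviews per user (empty list if only one)."""
    return {upn: [(b - a).days for a, b in zip(times, times[1:])]
            for upn, times in events.items()}


if __name__ == "__main__":
    for upn, gaps in days_between_reviews(review_events(SAMPLE_EXPORT)).items():
        print(upn, gaps or "single review in export window")
```

A user with a single event has no earlier review inside the export window to measure against, so the gap can only be judged for users who appear more than once.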

