How to disable forced Authenticator App?

Damon Boyer 30 Reputation points

HELP! We just got a notice: "We’ll enable security improvements in Microsoft Entra ID beginning September 15, 2023" - tomorrow. We do not want to use Forced Microsoft Authenticator. Many of our users do not even have Cell Phones, or don't use their personal cell phones for work. We do not provide the majority of users with a cell phone. We like having Microsoft Authenticator as one of many options, but not forced. I have had users in many circumstances, where they could not get SMS but had data connection; or vice versa. The ONLY thing that let them login was having various second factor methods.

This will be a deal breaker Microsoft. We are in Public Sector Legal, subject to Public Records - we are not going to convince a bunch of attorneys to use their personal phones for work related communications. We will have to leave Azure/365.

How can we configure it to not require Microsoft Authenticator?

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
3,962 questions
Microsoft Entra
{count} votes

Accepted answer
  1. Andy David - MVP 130.5K Reputation points MVP

    Go to : Security/Authentication Methods / Settings in the portal. Set to disabled.

    Also exclude your users from any enabled registration campaign:

    User's image

    User's image

    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
  1. SyBox 10 Reputation points

    Yes, this puts many of us in a pickle. There cannot possibly be an enforcement. Following for a possible solution.

    1 person found this answer helpful.
    0 comments No comments

  2. Michael Pritchard 5 Reputation points

    This is controllable via the registration campaign in the Microsoft Entra Admin Portal. Changing state from "Microsoft Managed" to "Disabled" should prevent Microsoft switching the default tomorrow.