Why is user being asked to for 2FA every time they log in/unlock?

Jennifer Storkamp 0 Reputation points
2023-09-22T17:17:40.3766667+00:00

I have a user that is on a domain joined workstation, azure ad profile. And every time they sign-in or unlock their profile they are given a prompt for 2FA (DUO push if it matters). No one else has this issue, and it's been this way since they got their new laptop (almost 3 months ago).

I've removed their O365 account, reviewed event logs, checked Conditional Access policy, and scrubbed Cred. Manager. DUO logs point to Microsoft RDP continually asking for the 2FA, Entra says it's a mix of 'My Signins and Microsoft Account Controls V2'. This doesn't happen with any of the apps and no other users are experiencing this.

I've tried a lot but nothing short of putting the user in Bypass will let them skip having to do 2FA at every login. Any thoughts?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.