This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 20%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
In my company, we want to introduce MFA.
The requirements are:
I enabled the policies that I want, however it doesn't seem to effect the process of setting up the MFA:
In the following picture I have used an account where I enforced the MFA. As you can see, the only two options available are the Authenticator App and Phone. How can I get the other options to appear (e.g. the Hardware Token)?
After that I am always forced in a second step to create an App password. Is it possible to skip this part, while still being able to create an App password afterwards?
Thanks
Philipp
Why are you using app passwords? Thats a legacy thing and do not work with modern auth methods.
https://learn.microsoft.com/en-us/entra/identity/authentication/howto-mfa-app-passwords
Hi Andy, sometimes we need App Passowrds for printer SendAs SMTP Auth. or some other third-party applications which do not support modern auth.
But actually we only need to allow certain users to add app passwords to their account, this shouldn't be part of the generic initial mfa wizard.
My issue isn't related to app passwords, I am more concerned about the initial wizard steps for setting up MFA (for an user at the first logon), where MS AUth app + App Passwords are the two mandatory steps. I only would like to have MS AUth or alternatively hardware token (yubikey). as offered factors.-
Cheers, Philipp