Bypass MFA On Password Change

Chris Smith 0 Reputation points

I've configured MFA for my environment by manually enforcing it at the user level and via Conditional Access. I've also added the IP range to exclude MFA for my campus, which is working. However, users are still getting prompted for MFA when they change their passwords. The issue is in our environment, users are not allowed to have cell phones while working, so they can't use MFA. We also require password changes every 90 days. Is there any way to not get prompted for MFA on a password change without disabling it completely?

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
4,465 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 133.6K Reputation points MVP

    SSPR requires some sort of authentication method. It could be password and phone. though not recommended not to use true MFA:

    User's image

    0 comments No comments