MFA users required to use Authenticator app

Question

Our MFA users are suddenly required to use the Authenticator app and not given a choice of methods - how do I fix this?

Answer 1

@Amy Crowns

Thank you for posting this in Microsoft Q&A.

Looks like Entra registration campaign is enabled in your Entra ID.

This feature allows targeted campaigns to move users from less secure authentication methods to Authenticator.

You can nudge users to set up Microsoft Authenticator during sign-in. Users go through their regular sign-in, perform multifactor authentication as usual, and then get prompted to set up Microsoft Authenticator. You can include or exclude users or groups to control who gets nudged to set up the app.

You can also define how many days a user can postpone, or "snooze," the nudge. If a user taps Skip for now to postpone the app setup, they get nudged again on the next MFA attempt after the snooze duration has elapsed. You can decide whether the user can snooze indefinitely or up to three times (after which registration is required).

You can check below article to confirm if registration campaign is enabled for your tenant.

https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-mfa-registration-campaign

Also, refer above article to check the user experience when registration campaign is enabled.

Let me know if you have any further questions.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.