Hi @Sean Smith
Thank you for reaching out to the community forum!
If you Enable the Security Defaults for your tenant will prompt all users to register for MFA immediately.
All users have 14 days to register using the Microsoft Authenticator app after the 14 days pass, the user can't sign in until registration is completed.
If you need more time to prepare for MFA rollout, you can disable Security Defaults temporarily or
you can disable Security Defaults and then re-enable it later, the 14-day timer for MFA registration will start over from the time you re-enable it. This means that users who have already registered for MFA will not be prompted to register again, but users who have not registered will be prompted to register within 14 days.
Hope this helps. Do let us know if you any further queries.
Thanks,
Akhilesh.
If this answers your query, do click Accept Answer
and Yes
for was this answer helpful. And, if you have any further query do let us know.