After Security Defaults are enabled after 14 days, how long until users are prompted for MFA

Question

Hi,

We are were prompted during Microsoft SSO that the Security Defaults for our tenant will be enabled. As we are still prepping to roll out MFA for users, I am curious on how quickly the users will be prompted to register for MFA?

Ideally, we need a little more time to prep and would just like to toggle disable and save to buy us more time?

Also, would that just start the 14 day timer over from the enable prompt?

Thank you for your time!

Answer 1

Hi @Sean Smith

Thank you for reaching out to the community forum!

If you Enable the Security Defaults for your tenant will prompt all users to register for MFA immediately.

All users have 14 days to register using the Microsoft Authenticator app after the 14 days pass, the user can't sign in until registration is completed.

If you need more time to prepare for MFA rollout, you can disable Security Defaults temporarily or
you can disable Security Defaults and then re-enable it later, the 14-day timer for MFA registration will start over from the time you re-enable it. This means that users who have already registered for MFA will not be prompted to register again, but users who have not registered will be prompted to register within 14 days.

Hope this helps. Do let us know if you any further queries.

Thanks,

Akhilesh.

---

If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Answer 2

Users will be prompted to register for MFA for 14 days following their initial login as soon as you enable Security Defaults. After that period, they will be forced to register for MFA

---

If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

hth

Marcin

Answer 3

Thank you!