Hello Nick Marchese,
Thanks for your question.
You can implement stricter policies to make the Authenticator app the preferred choice.
You can configure Conditional Access policies to require MFA for specific actions or login attempts. Within these policies, you can prioritize the Microsoft Authenticator app as the primary MFA method.
You can nudge users to set up Microsoft Authenticator during sign-in. Users go through their regular sign-in, perform multifactor authentication as usual, and then get prompted to set up Microsoft Authenticator. See:
https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-mfa-registration-campaign
Please remember to exclude a break glass account for either implementation
Regards,
You can mark it 'Accept Answer' if this helped.