![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 93%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJK%3C/text%3E%3C/svg%3E)
25,148 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 13%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBB%3C/text%3E%3C/svg%3E)
Hello Juraj Kosa,
Thank you for posting your query in the Microsoft Q&A Community.
Microsoft Authenticator app and enabling MFA in Entra ID are related but distinct concepts. Let me break it down:
Microsoft Authenticator App is a tool for multi-factor authentication (MFA). When users set up the app, they link their accounts to it, which allows them to approve sign-in requests (via push notifications) or generate time-based one-time passcodes (TOTP). However, just having the app linked to an account does not mean MFA is enforced for that user.
When you enable MFA, you're configuring your tenant to enforce additional authentication methods (like the Microsoft Authenticator app) when users sign in. This is the actual enforcement mechanism that ensures users need to provide a second form of authentication (like a code from the Authenticator app) in addition to their username and password.
https://learn.microsoft.com/en-us/entra/identity/authentication/tutorial-enable-azure-mfa
As MFA is a requirement by October 15, you will need to ensure that it’s enabled and enforced at the tenant. The Microsoft Authenticator app is just one of the tools your users can use for MFA once it is set to required.
Let me know if further assistance is needed.
Babafemi