Disabling mandate for Email and Phone 2FA within MS 365 business administrator accounts

Soulfire Jarexi Backblaze 0 Reputation points
2024-09-02T09:54:52.85+00:00

Hello, I would only like to use FIDO2 and TOTP as forms of 2FA across my organization for security reasons. I have successfully managed to enable this for one of my lower privileged accounts, and the system automatically found TOTP and passed it as being acceptable. However, with my organization's admin account, despite already having the aforementioned forms of 2FA set for the account, I am still receiving a "More information required" prompt requiring me to add on either Phone or Email based 2FA before continuing, despite both having been disabled within the MS Entra console. I do not wish to use these forms of 2FA and would like for this prompt to not appear every time I sign in without setting these forms of authentication. Is there any way I can do this, ideally without disabling security baselines or anything like that?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,414 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.