User authentication problem

Question

Hello everyone,

for some time now, we have been encountering difficulties with user login authorization.

Microsoft Authenticator application and phone numbers are used for the authorization process. We have created a security group to which all company users are added. If the users are assigned to this group only, logging in goes well.

On the other hand, if in Entra, in the “Multicomponent Authentication per user” tab, we set forcing this process for a particular user, there are problems with authorization. Users have to confirm a single login several times with the application, which leads to unnecessary complications.

Has anyone faced this problem and can solve it?

Thank you in advance for your reply.

Greetings

Answer 1

Hi @Worosz Maciej
Thank you for posting your issue on Microsoft Q&A.

I understand that you have created a security group to which all company users are added, and the Microsoft Authenticator app along with phone numbers are used for the authorization process, which works well for login.

However, when enabling per-user MFA for a particular user, they are prompted for MFA each time they sign in. You can set exceptions, such as allowing sign-ins from trusted IP addresses or enabling the "remember MFA on trusted devices" feature to reduce repeated prompts.

Using both MFA methods can cause conflicts, so it is recommended to stick with the group-based MFA (using the Microsoft Authenticator app and phone numbers) for all users, as it is both the most efficient and cost-effective solution. This approach will help you avoid login authorization issues.

Hope this helps. Do let us know if you have any further queries.

If this answers your query, do click `Accept Answer` and `Yes`.