Make sure, it's a prompt for setting up MFA and not - as in a case I had yesterday - because you've enabled Self-Service Password Reset. It looks similar. When we disabled Self-Service Password Reset, the prompt disappeared.
Cannot disable prompt for MFA (More information required)
Prompted upon sign in:
More information required
Your organization needs more information to keep your account secure.
Azure AD has Security Defaults set to disabled.
No Conditional Access policies for MFA assigned to this account
MFA status in legacy MFA portal set to Disabled
Due to the systems used with this account it needs all MFA prompts disabled. Anything else I could be missing to get this prompt removed on this account?
Appreciate the help.
5 answers
Sort by: Most helpful
-
-
Marilee Turscak-MSFT 37,056 Reputation points Microsoft Employee
2021-01-08T22:21:03.387+00:00 In Azure AD you can enable and disable Azure MFA these ways:
- Using Conditional Access policies
- Using the MFA service portal
- Using the admin center
Note that when you start using Conditional Access you should "Disable" all of your users the old way. Conditional Access doesn't flip the enable/disable/enforce flag. If using Conditional Access then they should all be disabled as per user MFA overrides CA.
If the MFA has been enabled through the MFA service portal, then you can go to the MFA service portal and disable the MFA for those users there.
You can also check in the admin center but anything in the admin center should be immediately reflected in the regular MFA service portal, and vice versa.
Let me know if this helps!
-
Griffin Sabo 1 Reputation point
2021-01-08T23:45:04.627+00:00 @MarileeTurscak thanks for the reply. For this account in the MFA service portal they are set to disabled. I do have a conditional access policy configured for MFA but the only user it applies to is my account which is separate from the one in question. Is there anywhere else that this could be forcing this prompt upon sign in. This seems like unexpected behaviour after verifying the settings you listed are disabled / not applied to the user.
-
Youssef Benjelloun 1 Reputation point
2022-01-12T19:57:24.09+00:00 @Robert Thank you !!
-
Donovan du Val 1 Reputation point
2022-01-13T13:03:04.277+00:00 Also note that if MFA is enforced in the Per-user MFA portal, that this can have an effect on the Conditional Access Policies MFA enforcement. Best to confirm that the users affected make use of CA's MFA enforcement instead of per-user MFA enforcement.
https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates