Is there a default time period before users are asked to verify security details again?

TonyL 21 Reputation points
2019-12-04T09:10:12.197+00:00

We have some users who are registered for self service password reset and MFA via conditional access.

Recently a few users have been prompted to verify their security details whilst logging in, these users had registered for sspr and mfa via the combined registration some months ago.

Is it expected behaviour for users to be prompted to verify their security information every few months? Is this a default setting?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,493 questions
Accepted answer
  1. KAREDD-MSFT 391 Reputation points Microsoft Employee
    2019-12-04T09:27:32.03+00:00

    Hi @TonyL ,

    This is actually controlled by a setting "Number of days before users are asked to re-confirm their authentication data". You can manage this setting from the Azure Portal > Azure AD > Password Reset > Registration.

    Ref: https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment#registration-settings

    You can set this value to a maximum of 730 days (2 years). If you set it 0 days, users will never be prompted to re-register.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest