Password reset does not stop access if valid MFA token

Robert Cook 1 Reputation point
2020-06-09T16:35:27.99+00:00

Using MFA Server with ADFS Adapter

If an MFA-enabled user changes their password, email is still accessible on the phone without having to change the password, I assume until the token expires.

I have read that with Azure AD the refresh token would require the device to re-authenticate; I can't see an option to achieve this using MFA Server and ADFS.

Is this possible?

Active Directory Federation Services
Azure Active Directory

1 answer

  1. T. Kujala 8,526 Reputation points
    2020-06-09T17:24:57.983+00:00

    Yes, it is possible.

    Here you will find more information on how to configure token lifetimes.

    https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-configurable-token-lifetimes