MFA not working with free plan

Fabian Naef 1 Reputation point
2020-07-08T19:01:28.333+00:00

Hi there,

I just started to set up Azure AD with the free plan and I would like to use MFA. According to the documentation, it should be possible to use MFA with the free plan by enabling the "Security Defaults".
Even though "Security Defaults" are enabled, newly created users are not getting asked to set up MFA while logging in and can access the Azure Portal just by using username+password (tested with browser in private mode).

The intended behaviour is described here:
https://learn.microsoft.com/en-us/azure/active-directory/authentication/multi-factor-authentication-faq

Is there a free version of Azure Multi-Factor Authentication?

Security defaults can be enabled in the Azure AD Free tier. With security defaults, all users are enabled for multi-factor authentication using the Microsoft Authenticator app. There's no ability to use text message or phone verification with security defaults, just the Microsoft Authenticator app.

How can I enable MFA with the free plan?

The same is written here as well with some more details:
https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-licensing

Azure AD free: You can use security defaults to enable multi-factor authentication for all users, every time an authentication request is made. You don't have granular control of enabled users or scenarios, but it does provide that additional security step.
Even when security defaults aren't used to enable multi-factor authentication for everyone, users assigned the Azure AD Global Administrator role can be configured to use multi-factor authentication. This feature of the free tier makes sure the critical administrator accounts are protected by multi-factor authentication.

How can I configure Azure AD users with Global Administrator role to use MFA when "Security Defaults" are turned off?

Best regards,

Fabian


1 answer

  1. Leon Laude 86,026 Reputation points
    2020-07-08T19:58:34.947+00:00

    Hi,

    There are two (2) ways to secure user sign-in events by requiring multi-factor authentication in Azure AD.

    1. The preferred option is to set up a Conditional Access policy that requires multi-factor authentication under certain conditions.

    Conditional Access: Require MFA for all users
    https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa

    2. The second option is to enable each user for Azure Multi-Factor Authentication.

    Enable per-user Azure Multi-Factor Authentication to secure sign-in events
    https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates

    Best regards,
    Leon

    2 people found this answer helpful.
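
One way to script the first option from the answer above with the Microsoft Graph PowerShell SDK, as an added example that is not part of the original thread. It assumes the tenant is licensed for Conditional Access and that the Microsoft.Graph.Identity.SignIns module is installed; the emergency-access object ID is a placeholder, and the script treats security defaults and Conditional Access as alternatives, creating the policy in report-only mode only when security defaults are off.

```powershell
# Added example; not from the original thread.
# Requires: Install-Module Microsoft.Graph.Identity.SignIns
Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess'

# 1. Check whether "Security Defaults" is really enabled for the tenant.
$defaults = Get-MgPolicyIdentitySecurityDefaultEnforcementPolicy
Write-Output "Security defaults enabled: $($defaults.IsEnabled)"

# 2. Placeholder: object ID of an emergency-access (break-glass) account
#    that stays outside the policy. Replace with a real ID from your tenant.
$breakGlassId = '00000000-0000-0000-0000-000000000000'

# 3. Policy body for "Require MFA for all users".
#    'enabledForReportingButNotEnforced' = report-only: sign-ins are evaluated
#    and logged, but nobody is blocked until the state is changed to 'enabled'.
$policy = @{
    displayName   = 'Require MFA for all users'
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{
        users          = @{
            includeUsers = @('All')
            excludeUsers = @($breakGlassId)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
}

if ($defaults.IsEnabled) {
    # Security defaults already cover MFA; do not layer a second mechanism on top.
    Write-Warning 'Security defaults are on. Turn them off before switching to Conditional Access.'
}
else {
    $created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
    Write-Output "Created policy $($created.Id) in state '$($created.State)'"

    # 4. Review what now exists so nothing conflicting is left behind.
    Get-MgIdentityConditionalAccessPolicy |
        Select-Object DisplayName, State, Id |
        Format-Table -AutoSize
}
```

Review the report-only results in the sign-in logs before changing the policy state to `enabled`.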
