Share via

Is it possible to set up MFA on Multiple devices for the same account?

Anonymous
2024-04-22T14:01:56+00:00

Hello,

I am in the IT department of a lumber company. We are rolling out a new ERP system in the coming weeks and are running into a problem. Each of our locations have at least one front counter computer that is the main POS. The problem that we are running into is that we know that it isn't going to be the same person opening the store every day, but the account that they log into will stay the same. We need to figure out how to make it to where whoever would be opening the store has access to the authentication code and I don't know how to make that happen.

Microsoft 365 and Office | Subscription, account, billing | For business | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-04-22T18:16:26+00:00

    Hello Steve,

    Greetings.

    Setting up Multi-Factor Authentication (MFA) on multiple devices for the same account is technically possible, but it is not recommended due to security concerns. Each user can register up to 5 authenticator apps and 3 phone numbers for one user account. Even after setting up multiple MFA instances, you need to decide which is the default MFA method that will receive prompts when other users attempt to login, which may be inconvenient. Manage authentication methods for Azure AD Multi-Factor Authentication - Microsoft Sign In | Learn with Microsoft

    For your situation, where different individuals need to access the same POS system at different times, you can set up MFA with different options for let's say 2 users. User A (authenticator app), B (Phone number). If the default is the Authenticator app, if user B tries to sign in and are asked for verification, they can choose to use the other options.

    Setting up each user with their own authenticator app configured, on separate devices, is possible but you might not want them all getting a notification when ANY one of them attempts to login to the account. This can be somewhat annoying and any of the other devices can approve or decline the login request, even though they didn’t initiate it.

    In my view, you might consider using a common method like a shared mobile device for MFA prompts that stays at the location, or a shared landline phone number that can receive voice calls for MFA verification. This can reduce all the security risks or confusion that might arise.

    Thank you or your precious time and have a great day.

    Best Regards,

    Ashraf.

    10 people found this answer helpful.
    0 comments
  2. Anonymous
    2024-07-15T06:01:58+00:00

    We have staff that dont want to use their personal mobile phones to log into their microwoft account. We purchased a token/key which can be disconnected from the computer and stored in a secure place where any authorised person can access and use to authenticate the login. This key is inserted into the usb port when logging in the system

    6 people found this answer helpful.
    0 comments
  3. Anonymous
    2024-10-24T14:31:07+00:00

    What's this token, key?

    1 person found this answer helpful.
    0 comments
  4. Anonymous
    2024-04-26T01:12:16+00:00

    Hi Ashraf,

    I understand Microsoft has already started to enable the security defaults setting that includes multifactor authentication recently.

    Thus, if we haven't logged in or enabled this setting when that timeframe ends, Microsoft will enable it automatically.

    In this case, do we have alternative way to disable the MFA for our share account besides the suggestion you given to Steve?

    1 person found this answer helpful.
    0 comments