Share via

Microsoft Azure MFA and SSPR

32billablehours 1 Reputation point
2021-10-25T23:26:31.17+00:00

I am looking to change the Security Questions that we have enabled for users when using MFA. The plan is to delete some of the existing ones and replace them with a much smaller subset of questions.

I am a little worried about the end user experience, what happens once we remove Security Questions and put in new ones, and how can we enforce the users that have Security Questions to reregister using the new questions? Is there a easy work flow for that scenario?

The users would still have an alternate way since they are all required to register at least 2 forms for MFA.

Thanks,

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. VipulSparsh-MSFT 16,316 Reputation points Microsoft Employee Moderator
    2021-11-08T07:35:47.64+00:00

    @32billablehours Thanks for reaching out and apologies for delay.

    If you change the security questions, and if it is a mandatory option (under methods available to users) like 2 methods required and 1 of them is security question then the users will not be able to reset the password and will see this error when they try to reset the password :

    They will again need to register for the new set of security questions at :
    147284-image.png

    -----------------------------------------------------------------------------------------------------------------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.