I am looking to change the Security Questions that we have enabled for users when using MFA. The plan is to delete some of the existing ones and replace them with a much smaller subset of questions.
I am a little worried about the end user experience, what happens once we remove Security Questions and put in new ones, and how can we enforce the users that have Security Questions to reregister using the new questions? Is there a easy work flow for that scenario?
The users would still have an alternate way since they are all required to register at least 2 forms for MFA.