Re-register MFA not forcing a user to change their authentication method, still defaulting to old method when logging in.

Ethan Matthews 1 Reputation point
2021-11-02T13:52:50.44+00:00

Having some issues with the MFA re-register button in the Azure AD admin portal where the button is not doing what it should. This has happened recently for a couple users. I was originally thinking it was something that needed to be synched, but after 12 or so hours of it still not working I believe that is no longer the case. Is there another way to re-require MFA within the portal itself?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,256 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,761 Reputation points
    2021-11-02T14:14:30.523+00:00

    Hi @Ethan Matthews • Thank you for reaching out.

    There is no other way to re-require MFA within the portal but you can use PowerShell cmdlet for this purpose, as mentioned below:

    1. Run Install-Module MSOnline from elevated PowerShell (run as administrator) to install the required module.
    2. Run Connect-Msolservice and sign-in using Global Administrator/Privileged Authentication Administrator account.
    3. Run Set-MsolUser -UserPrincipalName username@your_tenant.onmicrosoft.com -StrongAuthenticationMethods @() to require given user to re-register for MFA.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.