Re-register MFA not forcing a user to change their authentication method, still defaulting to old method when logging in.

Ethan Matthews 1 Reputation point
2021-11-02T13:52:50.44+00:00

Having some issues with the MFA re-register button in the Azure AD admin portal where the button is not doing what it should. This has happened recently for a couple users. I was originally thinking it was something that needed to be synched, but after 12 or so hours of it still not working I believe that is no longer the case. Is there another way to re-require MFA within the portal itself?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,454 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AmanpreetSingh-MSFT 56,306 Reputation points
    2021-11-02T14:14:30.523+00:00

    Hi @Ethan Matthews • Thank you for reaching out.

    There is no other way to re-require MFA within the portal but you can use PowerShell cmdlet for this purpose, as mentioned below:

    1. Run Install-Module MSOnline from elevated PowerShell (run as administrator) to install the required module.
    2. Run Connect-Msolservice and sign-in using Global Administrator/Privileged Authentication Administrator account.
    3. Run Set-MsolUser -UserPrincipalName username@your_tenant.onmicrosoft.com -StrongAuthenticationMethods @() to require given user to re-register for MFA.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.