reset and unblock MFA in Azure Active Directory

Gurudas 951 Reputation points
2022-03-25T09:51:02.833+00:00

Hello all,

Hope you are doing great!

I would like to understand process to unblock and reset MFA - Multi Factor Authentication in Azure Active Directory

Example: I have azure ad account John.dave@Company portal .com that require MFA reset and unblock.

Please provide technical KB article to understand this process.

Thank you in advance :)

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments No comments
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,871 Reputation points Moderator
    2022-03-25T10:47:45.063+00:00

    Hi @GurudasSatardekar • Thank you for reaching out.

    I have provided the steps below to reset and unblock MFA in Azure Active Directory via Azure Portal and PowerShell.

    Using Azure Portal:

    • Sign in to the Azure portal with the tenant Global Administrator account.
    • Navigate to Azure Active Directory > Users > All users > Choose the user you wish to perform an action on > select Authentication methods > Require Re-register MFA.
    • Once this is done, the next time the user signs in, he/she will be requested to set up a new MFA authentication method.

    Note: The user's currently registered authentication methods aren't deleted when an admin requires re-registration for MFA. After a user re-registers for MFA, we recommend they review their security info and delete any previously registered authentication methods that are no longer usable.

    Using PowerShell:

    • Install the MSOnline PowerShell module.
    • Run Connect-MSOLService and sign in with the Global Administrator account.
    • Run Set-MsolUser -UserPrincipalName ******@contoso.com -StrongAuthenticationMethods @() cmdlet to reset the MFA registration information.

    Read More: Manage user authentication methods for Azure AD Multi-Factor Authentication

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    7 people found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Mukremin Teknecukur 0 Reputation points
    2024-09-23T14:48:27.1266667+00:00

    You can use a simple command in PowerShell, but make sure you are connected to the MsOlService before running the command.

    Here is the command:

    Reset-MsOlStrongAuthenticationMethodByUpn -UserPrincipalName [Fully Mailaddress]

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.