Resetting Office 365 MFA for user
What is Multi-Factor Authentication (MFA)?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to various types of applications, online accounts, and VPNs. Instead of just asking for a username and password which is factor number one, MFA requires more additional verification factors, which decreases the chances of a successful cyber attack.
How Does MFA work in Office 365?
Nowadays most cloud-based systems offer their MFA like AWS or Microsoft’s Office 365 product. Office 365 uses Azure Active Directory (AD) as a directory and authentication system. Once you enable MFA globally for the tenant and the users, they will be directed to provide additional information and set up the MFA when they try to log in. Right now Microsoft provides a few options like, Notify through the app, call my authentication phone, text code to my authentication phone, call my office phone, user verification code from app or token.
Why do we need to reset the user’s MFA details?
A user can reset the MFA preference by themselves using the link http://aka.ms/MFASetup. However, sometimes the user may lose their phone or don’t have access to their phone, or changes their phone number, in those cases the administrator needs to reset the MFA details so that the user can set up new MFA details.
Prerequisite
To complete this task, the administrator must be a global administrator.
Resetting a user’s MFA details
- Log in to https://portal.azure.com, and sign in to the Microsoft Azure portal using an account with administrative privileges.
2. Click on Azure Active Directory
3. Click on users
4. Search the user
5. Click on authentication methods.
6. Require re-register MFA
7. Once this is done the user needs to re-register MFA when they try to log in next time.
- KB170112