Sunday, March 26, 2023

System-preferred multifactor authentication (MFA)

 Microsoft Azure Active Directory has Introduced new security control to securing MFA, called as System-preferred MFA. During user's MFA it will default prompt most secured MFA method user has registered.

For an example: If user has registered SMS and authenticator as a method for MFA system preferred MFA evaluated and prompt for authenticator app. User can still sign-in by other sign-in method.

Below are the points to consider.

  •  By default this feature is disabled.
  •  System always determines and presents the most secure method user has registered.
  •  It can be enabled only for a single group, which can be a dynamic or nested group.
How to enable this feature?
    • Graph API : 





    • Azure AD Portal:  Go to Security blade ->Authentication method ->Settings ->  









Featured post

System-preferred multifactor authentication (MFA)

Popular Posts