Hi @Tomass Pētersons ,
This option is only configurable on the user side, so there is no way to uncheck the default "Don't ask again for X days."
You mention that the checkmark is selected by default in one tenant and not the other. This may happen if the user from one tenant signed in without selecting it the first time, or it could be that one of the known limitations listed here is affecting the setting. For example, if you are using the setting alongside with a Conditional Access Sign-in Frequency policy, there can be conflicts between the "remember" my device" settings and the sign-in frequency policy behavior. If those situations do not apply to you, I'm not sure why it is happening in your case so I also reached out to the product team to see if there is any reason why the checkboxes might be selected sometimes and not others (other than the limitations mentioned).
As documented under Mark a Device as Trusted, when you enable the "remember Multi-Factor Authentication feature", users can mark a device as trusted when they sign in by selecting the option for "Don't ask again."
This option is not configurable in the MFA service settings or MFA user settings because the user defines for the first time if they are using a trusted device.
The best way to customize this experience is to use Conditional Access, or to disable the "remember multi-factor authentication" setting entirely.
Adding a configurable checkbox setting has been a fairly common feature request though, so I have passed this feedback along to the product team. I have also checked with them why the checkbox might be selected sometimes and not others if it hasn't been pre-configured, and whether it can happen for a reason other than the limitations mentioned. I will let you know as soon as I have a response.
Marilee
-
If the information provided was useful to you, please consider marking as answer so that others in the community with similar questions can more easily find a solution.