Is there a default time period before users are asked to verify security details again?

TonyL 21 Reputation points
2019-12-04T09:10:12.197+00:00

We have some users who are registered for self service password reset and MFA via conditional access.

Recently a few users have been prompted to verify their security details whilst logging in, these users had registered for sspr and mfa via the combined registration some months ago.

Is it expected behaviour for users to be prompted to verify their security information every few months? Is this a default setting?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,576 questions
0 comments
Accepted answer
  1. KAREDD-MSFT 406 Reputation points Microsoft Employee
    2019-12-04T09:27:32.03+00:00

    Hi @TonyL ,

    This is actually controlled by a setting "Number of days before users are asked to re-confirm their authentication data". You can manage this setting from the Azure Portal > Azure AD > Password Reset > Registration.

    Ref: https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment#registration-settings

    You can set this value to a maximum of 730 days (2 years). If you set it 0 days, users will never be prompted to re-register.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest