This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I keep searching docs and the azure interface and I am lost. I would like to require that during login that both a Phone and the Authenticator App. I just can't seem to find the right information.
By default security settings are enabled. Then if you want to use conditional access you have to disable it. I disabled it and configured all the default templates for testing. For MFA I only get a Phone requirement.
Turns out I needed to change the Users > Password Reset settings and add multiple Authentication Methods.
@ComputerHabit
Thank you for following up on this and I'm glad that you were able to resolve your issue!
For more information:
Users can register their mobile app at https://aka.ms/mfasetup or in the new security info registration experience at https://aka.ms/setupsecurityinfo. You can enable security info registration for your organization by following steps at https://aka.ms/securityinfodocs. For additional help on using Authenticator app methods visit https://aka.ms/authappsspr.
You can Require users to register when they sign-in by navigating to Registration under Password Reset:
Configure your users in the authentication methods policy to enable passwordless authentication.
Azure Active Directory -> Security -> Authentication Methods
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.