You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/authentication/howto-mfa-userdevicesettings.md
+4-6Lines changed: 4 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,6 +15,7 @@ ms.reviewer: michmcla, dawoo
15
15
16
16
ms.collection: M365-identity-device-management
17
17
---
18
+
18
19
# Manage user authentication methods for Azure AD Multi-Factor Authentication
19
20
20
21
Users in Azure AD have two distinct sets of contact information:
@@ -89,11 +90,8 @@ If you're assigned the *Authentication Administrator* role, you can require user
89
90
1. On the left, select **Azure Active Directory** > **Users** > **All users**.
90
91
1. Choose the user you wish to perform an action on and select **Authentication methods**. At the top of the window, then choose one of the following options for the user:
91
92
-**Reset Password** resets the user's password and assigns a temporary password that must be changed on the next sign-in.
92
-
-**Require Re-register MFA** makes it so that when the user signs in next time, they're requested to set up a new MFA authentication method.
93
-
94
-
> [!NOTE]
95
-
> The user's currently registered authentication methods aren't deleted when an admin requires re-registration for MFA. After a user re-registers for MFA, we recommend they review their security info and delete any previously registered authentication methods that are no longer usable.
96
-
93
+
-**Require Re-register MFA** deactivates the user's hardware OATH tokens and deletes the following authentication methods from this user: phone numbers, Microsoft Authenticator apps and software OATH tokens. If needed, the user is requested to set up a new MFA authentication method the next time they sign in.
94
+
97
95
-**Revoke MFA Sessions** clears the user's remembered MFA sessions and requires them to perform MFA the next time it's required by the policy on the device.
98
96
99
97
:::image type="content" source="media/howto-mfa-userdevicesettings/manage-authentication-methods-in-azure.png" alt-text="Manage authentication methods from the Azure portal":::
@@ -111,7 +109,7 @@ To delete a user's app passwords, complete the following steps:
111
109
1. Check the box next to the user or users that you wish to manage. A list of quick step options appears on the right.
112
110
1. Select **Manage user settings**, then check the box for **Delete all existing app passwords generated by the selected users**, as shown in the following example:
113
111
0 commit comments