This guide will show an administrator how to initiate an MFA reset for end users experiencing verification issues.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.UserAccount
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
User Account Authentication Method Reset
- Navigate to the Users – Azure Active Directory portal, locate and select the User whose MFA needs to be reset.
- From the Overview page of the selected User Account, locate and select the Authentication Methods tab. Once inside of the section, select the Require Re-Register Multifactor Authentication action. A disclaimer will be displayed detailing that removal of all MFA tied resources will be deactivated and removed from the account. Select OK to successfully reset the MFA authentication methods on the selected account.
- Once the Require re-register multifactor authentication action has been successfully carried out, it is best practice to also initiate the Revoke multifactor authentication sessions action to ensure that all active sessions that are utilizing the previously removed methods are also terminated. This can be done by selecting Revoke multifactor authentication sessions action.
- Carrying out the listed actions above should result in the selected user having all their previously stored MFA methods being successfully removed and having all their active sessions utilizing these removed methods also being terminated. Upon their next authentication attempt requiring MFA, they will be prompted with a new registration campaign prompt requiring new MFA methods be configured that align with specified security policy.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.