Share via
Chris Dunaway 15Reputation points
I recently tried to log into my Office 365 Admin account, and it wants me to sign up for a Microsoft Authenticator account and install the app on my phone. I want to disable this. I've searched several forums and found instructions to do this in Microsoft Azure, but I can never find exactly the right setting. Azure tells me Authenticator is disabled, but when I try to sign in, it keeps insisting that I install Authenticator.
I do not want to use Authenticator. How do I disable this?
Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
6,594 questions
Sign in to follow
0 commentsNo comments
2{count} votes
Sign in to comment
4 answers
Sort by: Most helpful
Most helpful Newest Oldest
Josh Hansen-Sedor 160Reputation points
2024-03-20T19:09:30.3366667+00:00 Hi there,
To disable Microsoft Authenticator please do the following:
- Sign in to the Azure portal as a global administrator or security administrator.
- Go to Azure Active Directory > Security > MFA.
- Under MFA settings, select Additional cloud-based MFA settings.
- Under service settings, select Microsoft Authenticator app.
- Change the setting to Disabled.
Additionally you can Log into Microsoft Entra admin, go to Identity > Users > All Users > Per-user MFA > Service Settings
From there you can uncheck the notifications for mobile app and verification code for app, any other settings you'd like from there. This is for all users, so please be aware and also please note that this severely lowers your security.
If none of that works, then I'm convinced they enforce it.
Thanks :)
Josh Hansen-Sedor 160Reputation points
2024-03-20T19:02:09.1333333+00:00 Hi,
Wasn't able to see answer so wrote again, but see it now and now won't let me delete :)
Chris Dunaway 15Reputation points
2024-03-20T19:18:49.07+00:00 Where do I find "Azure Active Directory?" I get a message saying "Azure Active Directory is now Microsoft Entra ID"
Josh Hansen-Sedor 160Reputation points
2024-03-20T19:33:52.6133333+00:00 You will need to go to Microsoft Entra ID and follow the second instructions, wasn't aware that it is the same now.
Chris Dunaway 15Reputation points
2024-03-25T19:16:55.8433333+00:00 Thanks, I just tried this, and it says MULTI-FACTOR AUTH STATUS is "disabled" for all users. But when I log in, it still wants me to use Authenticator.
Make-A-Wish Belgium Vlaanderen 0Reputation points
2024-05-27T10:38:57.7166667+00:00 We're facing the same issue. authenticator stats are disabled but we keep receiving the message that in 14 days, we will be forced to use the authenticator app to login. We're using a central mailbox with 4 staff members. We don't know how we should manage that when the authenticator app will be connected to one of our phones... we don't have the same working hours.
Miłosz Tuszyński 0Reputation points
2024-06-19T09:06:24.9033333+00:00 Same issue, i think only possibility to turn of is to turn off for all users in
Microsoft Entra ID > Properties >
- Under "Manage security defaults" settings at the bottom,
- At "security default" setting select from Enable to Disable options.
But i only want to turn off ms authenticator questionairy for few users not for whole company
See AlsoPermissions Reset 2Ralf 0Reputation points
2024-07-25T05:34:12.4433333+00:00 Hey everyone, who's having this issue? The instruction is right and keep in mind the Azure Active Directory is now Microsoft Entra ID" from there go to the users, and select those users you want to reset their authenticator app from a stolen or broken device where their MS authenticator app is installed. Select the user and from the upper right click manage user settings. Check "Require selected users to provide contact methods again"
This option will deactivate hardware OATH tokens and delete the following authentication methods from the previous device where it's installed.
I hope thishelps.
Sign in to comment
Sun Wu 5Reputation points
2024-06-06T10:18:51.5633333+00:00 For people who are not ready to use SMS and Auth App. Can temporary turn off the MFA in Entra ID:
Sign in to the Azure portal as a global administrator or security administrator.
Try this first,
- Go to Microsoft Entra ID > Properties >
- Under "Manage security defaults" settings at the bottom,
- At "security default" setting select from Enable to Disable options.
if still not working on above method, then
- Go to Microsoft Entra ID > Security > Authentication methods > Settings.
- Under "System-preferred multifactor authentication" settings, select from Enable to Disable options.
Again, MFA is a good security policy for 2024, it is better to turn it on.
0Reputation points
2024-07-18T22:01:03.4766667+00:00 Ive done those steps and removed the authenticator issue so I can login now without it.
Now I want to login on my authenticator app, But that still require me to use authenticator ap? What to do?
Sign in to comment
Ralf 0Reputation points
2024-07-25T05:34:58.6066667+00:00 Hey everyone, who's having this issue? The instruction is right and keep in mind the Azure Active Directory is now Microsoft Entra ID" from there go to the users, and select those users you want to reset their authenticator app from a stolen or broken device where their MS authenticator app is installed. Select the user and from the upper right click manage user settings. Check "Require selected users to provide contact methods again"
This option will deactivate hardware OATH tokens and delete the following authentication methods from the previous device where it's installed.
I hope thishelps.
0 commentsNo comments
Sign in to comment
Richard 0Reputation points
2024-08-01T11:52:18.0966667+00:00 In Microsoft Entra ID
Maybe it is under the Registration campaign.
Go to Protection > Authentication Methods > Manage > Registration Campaign.
You can click edit Settings and add an excluded user so they do not get the prompt
Richard 0Reputation points
2024-08-01T11:52:57.7733333+00:00 The above is still under Microsoft Entra ID
Sign in to comment
Sign in to answer