Our sales team wants to avoid getting hit with MFA prompts while presenting. They understand the importance of MFA for security, but there have been issues with prompts showing up during key meetings. One idea was to force a reauthentication just before the meeting, but that's not an option either. Has anyone dealt with this situation?
4 Answers
It sounds like your Conditional Access policy might need reviewing. Re-authentication can be a security risk mitigator, but if it's set up poorly, it doesn't help anyone. What are you exactly securing against with these re-auths?
Honestly, wouldn’t having MFA make your system seem more secure to potential clients? If a client wants to skip that level of security, it might be a red flag. It could definitely lead to issues down the line if they’re not willing to invest in security.
It sounds like there might be a timeout that's triggering MFA during presentations. If you're using a browser, try using an incognito window right before the demo. If you're using Entra, consider setting up device-bound passkeys; they speed up MFA significantly. I can do it in about 5 seconds using Windows Hello or the secure enclave on macOS, and even quicker with Microsoft Authenticator on iOS/Android.
What triggered the MFA in the first place? Some policies can get pretty strict, and if you're not using Trusted Locations, it might just be the time since the last authentication expired.
Yeah, we're dealing with strict policies that require constant re-auths, which is a real hassle when we're trying to present.
It's sales; what can you expect? They just want to make things smooth!