I know many of you are using Microsoft's identity service, and I've heard that they're making some changes to legacy authentication settings for MFA and SSPR management this September. Can anyone clarify if this means that the legacy authentication settings won't be removed, but instead, we'll just manage these policies through conditional access? I'd appreciate any insights to ensure I'm on the right track!
1 Answer
You're on the right track! Microsoft is indeed retiring the old "per-user MFA" and separate SSPR settings for individual users or groups. They're moving everything to a unified Authentication methods policy that's managed in the Microsoft Entra admin center. This simplifies management as it consolidates all authentication methods like MFA, SSPR, FIDO2, and passwordless options under one roof.
Thanks for clarifying! So, just to make sure I get it, does this mean we won't have to set up MFA and SSPR individually for users anymore?