0xSMRKNov 18, 2022
Merill

PSA The Microsoft Authenticator app will start enforcing number match on all #Microsoft365 and #AzureAD tenants from Feb 27, 2023

We have some handy change comms templates for you at https://aka.ms/mfatemplates to inform your users of the change.

Use the config options below to have more control of the roll-out in your organization, including a staged roll out to groups of users.

https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-number-match#enable-number-matching-in-the-portal

Liked this? Please boost/retoot to spread the word.

Feel free to follow me for more tips 👍

Download Microsoft Entra end-user rollout templates and materials from Official Microsoft Download Center

Use these customizable posters, training, stickers, and email templates to roll out Azure Active Directory features in your organization

Microsoft Store - Download Center
Nov 15, 2022 at 10:38pmWeb
Show threadseickNov 16, 2022
@merill absolutely love that you offer adoption templates. Am I correct that this is english only?
Show threadMerillNov 16, 2022
@seickhimself Thanks. Unfortunately, English only atm
Show threadBartNov 16, 2022
This seems rather ambitious (compared with the phasing out of legacy auth). I'm not against, but why make it mandatory on such a short timeframe?
Show threadJarrod FratesNov 16, 2022
@merill The page says that it will be "enabled by default," but you say "enforce." Is there a difference? Will those on simple push be forced over, with an option for tenants to change it back if they want?
Show threadYawnTorNov 18, 2022
@merill So... you're saying after February 27, 2023, I'll need to use MFA for Microsoft 365, and that MFA is the Microsoft Authenticator app? I can't opt-out, and I can't use a different MFA app?
Show threadMerill Fernando  Nov 21, 2022
@YawnTor @merill You can use other Authenticator apps. This change is just for the Microsoft Authenticator app which previously showed an Approve Yes/No option.
Show threadYawnTorNov 21, 2022
@merill @merill Ah, okay. Thanks for the clarification.
Show threadMark Blair ✅ 🛡Nov 18, 2022
@merill Thanks for the info and sharing further templates. Is this going to be required or an opt-in feature improvement?
Show threadMerill Fernando  Nov 21, 2022
@ctrlaltsecurity @merill You can opt-in until Feb 23. After Feb 23 it will be required.
Show threadMark Blair ✅ 🛡Nov 21, 2022
@merill @merill Thank you!
Show threadMagnusNov 18, 2022
@merill
Enrolled it in two phases for 1000 us
ers. No complains, really good.
Reducing prompts with whfb also helps protection against phishing.
Show threadMerill Fernando  Nov 21, 2022
@mtengmo @merill Awesome!
Show threadPhil Gastwirth Dec 12, 2022
@merill
My company uses conditional access polices that enable MFA. Do you know if this will affect this?