How to Reset MFA (Multi-Factor Authentication) in Office 365

How to Reset MFA (Multi-Factor Authentication) in Office 365

Multi-Factor Authentication (MFA) is an essential security measure in Office 365 (Microsoft 365) environments. It adds an extra layer of security by requiring users to provide additional way of verification to access their accounts. However, sometimes users need to reset MFA for their account due to multiple reasons. In this guide we will explore the ways to reset MFA in Office 365, covering reasons for resets, prerequisites, and step-by-step instructions.

Why You May Need to Reset MFA in Office 365

There are several scenarios where resetting MFA is necessary:

  • Lost or Replaced Device: The user has lost or replaced their phone used for authentication.
  • Changed Authentication Methods: The user wants to switch to a different authentication method (e.g., from a phone app to SMS).
  • Access Recovery: The user cannot authenticate due to technical issues.
  • User Role Changes: Administrators may reset MFA as part of role changes within the organization.

Prerequisites for Resetting MFA

You should meet below mentioned prerequisites to be able to reset MFA:

  • You must have Global Administrator or Privileged Authentication Administrator permissions in Microsoft 365.
  • Access to the Microsoft 365 Admin Center or the Azure Active Directory (Azure AD) portal.

Ways to Reset MFA in Microsoft 365

Resetting MFA can be done in multiple ways. We will explore all the ways one by one:

Reset Multi Factor Authentication through Admin Center

Follow the below steps to Reset Multi Factor authentication in Microsoft Office 365.

  • Visit Microsoft 365 admin center and login with your admin credentials.
  • Click on users, active users in the left pane. All users will be shown in the right pane. Now select user and click on multi factor authentication.click Multi-Factor Authentication in Admin Center
  • It will take you to Entra Admin Center. Here choose single or multiple users and choose user MFA settings. Now select “Require selected users to provide contact methods again” and click on the save button.

rerequire user to provide contact method again

Reset MFA through Entra Admin Center

This is another way for resetting MFA for Office 365 users. Follow the below step by step procedure.

  • Visit Microsoft Entra Admin Center and login with your credentials.
  • In the Entra Admin Center, click on Identity then Users and All Users. Now click on the user whose MFA you want to reset.

Open all users in Entra Admin Center

  • In the user panel, choose authentication methods and click on the “Require re-register multifactor authentication” and provide your confirmation by pressing the OK button.

re-register multi factor authentication

Using PowerShell for Resetting Multi Factor Authentication

For this, first you will need to install Microsoft Graph Module in PowerShell if not installed already.

  • Connect to Microsoft Graph using the below command.
Connect-MgGraph  -Scopes "User.Read.all","UserAuthenticationMethod.ReadWrite.All" -NoWelcome

Once connected, you will need to run the command mentioned in the link. Thanks to the Merill Fernando for writing the script. Here is the like to the command: Merill’s Delete Authentication Office 365 Script. Only change the UPN in the command.

Conclusion:

This article describes three ways to reset MFA for users in Office 365. Resetting multi-factor authentication may be required due to lost device or some other reasons. You should have appropriate permission or role to perform this operation. From the above three methods, you can use any depends on your suitability. I hope this article has provided you with valuable information. Feel free to reach out if you have any queries.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *