登录查看更多内容

Migrate MFA and SSPR policy settings to the Authentication methods policy for Microsoft Entra ID

Kamran Astadabadi

FastTrack M365

发布日期: 2024年8月15日

?? Mark your calendars: September 30th, 2025 is the deadline! On this date, legacy multifactor authentication (MFA) and legacy self-service password reset (SSPR) policies will be deprecated. After this, all authentication methods will be managed through the Authentication Methods Policy in Microsoft Entra ID.

Why act now?

This migration brings all your authentication methods under one roof, giving you greater control, flexibility (by targeting specific groups), and security. The process is fully reversible and can be done on your own schedule, but it’s crucial to begin soon.

Key Steps:

Audit Your Current Policies: Review your existing MFA and SSPR settings.
Security Questions for SSPR: A control for security questions is coming soon. If you use security questions and don't want to disable them, keep them enabled in the legacy SSPR policy until the new control is available. You can finish the migration with security questions still enabled.
Prepare for Migration: Document everything to ensure a smooth transition.
Start the Migration: Update your Authentication Methods Policy and initiate the migration process.
Audit your migration progress

Finish the Migration: After confirming that your migration is successful, finalize the switch and remove legacy settings.

Once migrated, start managing MFA and SSPR from Entra ID > Protection > Authentication methods > Policies

Migrating early gives you the flexibility and control you need to manage your authentication methods effectively. Don’t wait—start your migration today!

Known Issues and Limitations:

Individual User Targeting Removed: Users previously targeted individually should be moved to a group.
Registration Failures with Multiple Groups: Authentication method registration may fail if too many groups are included. Consolidate multiple groups into a single group per method, adding the new group and removing old ones simultaneously to avoid issues.

Please find the official Microsoft article here!

要查看或添加评论，请登录

Kamran Astadabadi的更多文章

Take Control of Azure Resource Security with Microsoft Entra PIM!

2025年1月5日

Take Control of Azure Resource Security with Microsoft Entra PIM!

Let’s talk about a game-changer for managing Azure resources: Microsoft Entra Privileged Identity Management (PIM). If…

1 条评论
Automating External User Onboarding and B2B Collaboration

2024年12月12日

Automating External User Onboarding and B2B Collaboration

?? Did you know that Microsoft Entra ID P2’s Entitlement Management can make managing external collaboration so much…
Exciting Update for Anyone Managing MFA and SSPR Migrations in Entra ID!

2024年11月4日

Exciting Update for Anyone Managing MFA and SSPR Migrations in Entra ID!

Microsoft just made the transition to the new Authentication Methods Policies even smoother with an Automated Migration…

Finish the Migration: After confirming that your migration is successful, finalize the switch and remove legacy settings.

Kamran Astadabadi的更多文章

Take Control of Azure Resource Security with Microsoft Entra PIM!

Automating External User Onboarding and B2B Collaboration

Exciting Update for Anyone Managing MFA and SSPR Migrations in Entra ID!