Intro
If you enforce multifactor authentication for your Entra ID tenant (good job!), you may want to enable or disable certain MFA/alternative sign-in methods to control what options your users have to verify their logins. For example, you may not want to enable SMS notifications if you're worried about your employees incurring costs or if they tend to work in areas where cell service is unpredictable. At the end of the day, you know what's best for your organization, and what authentication methods your team will be able to support.
Steps
1. Sign-in to the Azure portal at https://portal.azure.com
2. Open Microsoft Entra ID
3. On the left-side of the screen, expand the "Manage" section and click "Security".
4. Once again, expand the "Manage" section and click "Authentication Methods"
5. Here, you'll have see a list of the "Built-In" methods that Entra ID supports.
6. Click on each method and enable it as desired. Note that you'll also have the option to allow the method for all users or specific groups and/or exclude certain groups
7. One configured as desired, click "Save"
8. Now, your users will be able to setup these additional methods in their account settings, for example: https://mysignins.microsoft.com/security-info
Conclusion
That's it! Configuring authentication methods in Entra ID is simple and provides your team with additional control over your tenant's security, along with additional flexibility for your users. If you are looking to start using Microsoft Entra ID in your organization, or need assistance managing your current infrastructure, reach out to Cosmistack for a no strings attached consultation! We hope you found this article helpful.
