Change Trusted Device MFA Reauthentication Requirement from 14 Days

Kyle Murphy 0 Reputation points
2024-12-19T22:23:19.9033333+00:00

Hello,

I've recently updated the Number of Days Users Trust Devices For field, and I am uncertain it took effect. Does Microsoft Security Defaults have to be turned off and switched to Conditional Access or does the Days Trusted field take effect regardless?

Link > Service Settings tab: https://entra.microsoft.com/#view/Microsoft_AAD_IAM/MultifactorAuthenticationConfig.ReactView/tabId/users

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
7,510 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,645 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Ankush Raj 245 Reputation points Microsoft Employee
    2024-12-23T09:15:06.8866667+00:00

    Hi @Kyle Murphy

    When Microsoft Security Defaults are turned on, they enforce stricter security measures, like requiring multi-factor authentication (MFA) for everyone and not allowing the "remember MFA on trusted device" feature. So, if Security Defaults are active, the "Days Trusted" setting won't work.

    To use the "Days Trusted" feature, you'll need to turn off Security Defaults and switch to Conditional Access policies. This switch will help you in creating other custom policies also which u might need.

    For more info on CA policies,

    please follow,

    https://learn.microsoft.com/en-us/mem/intune/protect/create-conditional-access-intune

    If the answer is helpful, please click ACCEPT ANSWER and kindly upvote it so that other people who faces similar issue may get benefitted from it.

    If you have any further questions about this answer, please click Comment.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.