Posts

Showing posts from February, 2018

MFA User cannot access Mobile Phone e.g. lost phone (work around)

One-time bypass  is the solution:
The one-time bypass feature allows a user to authenticate a single time without performing two-step verification. The bypass is temporary and expires after a specified number of seconds.
In situations where the mobile app or phone is not receiving a notification or phone call, you can allow a one-time bypass so the user can access the desired resource.

Create a one-time bypass

Sign in to the Azure portal as an administrator.
https://portal.azure.com

Browse to Azure Active Directory > MFA Server > One-time bypass.
Select Add.
If necessary, select the replication group for the bypass.
Enter the username as username@domain.com.
Enter the number of seconds that the bypass should last.
Enter the reason for the bypass.
Select Add.
The time limit goes into effect immediately.
The user needs to sign in before the one-time bypass expires.

View the one-time bypass reportSign in to the Azure portal.
Browse to Active Directory > MFA Server > One-time bypass.

IMP…