I created two third party authentication methods for MFA in my user profile. One through a third party application installed on my smartphone, another one through an application installed on my computer.

When I sign in on the Microsoft 365 portal, only one method is proposed: "use the verification code from my mobile app". My two authentication methods could work at this step, but the choice is really confusing for the users.

I propose to change the description of the third party authentication methods, with something like that: "Use a third party verification code".

In the Microsoft 365 User profile, in the "Security info" menu, we are able to add a third party authentication method. But there is no way to add a small description of the method added (as we can do for example for the "Security key" method), and "Authenticator app" is always used as a description. So that if several methods are added, it is impossible to differentiate them.

I propose to always allow adding a description when we create a new Authentication method.

I cannot find a way to export a list of MFA enabled/disabled users to excel. This would be extremely useful.

Allow listing of all disabled accounts in the admin center.
Currently, we can select enforced or enabled. While securing a site, it's important to check to see what accounts are disabled.

Only the Global Administrator seems to be able to revoke MFA sessions, I want the Authentication Administrator to be able to do this.

Revoke-AzureADUserAllRefreshToken fails when I'm an authentication administrator

There is currently the option to backup the Authenticator app with a Personal Microsoft Account - are we able to adjust this to be a work or business account, such as a company's O365 Account, especially if we are setting up devices linked with Intune via Office 365 accounts. Makes far more sense that if a device is lost/stolen/replaced, we setup backups with a work account. Doesn't make sense that someone may need to create a Microsoft Account in order to backup their Authenticator accounts. If I have missed something, please do point me in the right direction! :)

it would be great it we have MFA for windows server login of privileged accounts.

After entering the credentials it should prompt for MFA.

You warn us to associate a phone with the Microsoft Authenticator or we could be in trouble. Yet Microsoft acknowledges that phones can be hijacked -- porting the phone number, for example. You've got to come up with a better idea. Like emails.

I currently have 65 accounts registered in the Authenticator app, and for those needing a code, it is difficult to find the correct account. Please add a simple search box on top for filtering the account list.

Allow EMAIL as an option for the 2nd part of the authorization process!
Banks allow the option to text or email, get with the show.

I would like to see the added option to include phone extensions to set for the MFA authentication

Out of security concerns, please have the MFA registration have an option for admins to setup an expiration date.
So that users will be prompted to renew the registration after some time.

Please add the ability (via Conditional Access) to require MFA before a user can run Azure Active Directory PowerShell commands

Come back again later
You've hit our limit on text verification codes. Try to sign in again shortly.

This has started happening the past few days. I have not hit any limit; I literally sat down at my computer and tried once to log in.

acibayramic.onmicrosoft.com kullanıcıları için çoklu kimlik doğrulama fonksiyonunun pasif hale getirilmesini talep ediyoruz. Bu konuda yardımcı olabilir misiniz? iyi çalışmalar dilerim.
Murat GÜRLEK

The only way I have found to get a user's default MFA method is to use MSOL. The problem with MSOL is it cannot use a service principal for authentication to automate jobs easily. I can get most of the information I am looing for in Graph /reports/credentialUserRegistrationDetails, but it does not include the default method.

Can you please include which of the MFA authMethods is the default for a user in /reports/credentialUserRegistrationDetails?

https://docs.microsoft.com/en-us/graph/api/reportroot-list-credentialuserregistrationdetails?view=graph-rest-beta&tabs=http