Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. I do not want to use google services,can i download app and install into android device?

    I do not want to use google services, can i download app and install into Android device?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  2. MFA unblock on same menu as MFA settings

    Put MFA unblock on same menu as MFA settings.

    In the MFA settings menu "Admin Center, AAD, Users, MutiFactor Authentication, select user and then click on ‘Manage User Settings", there is no setting to ‘unblock’ the user. To unblock user, you have to go to "Admin Center, AAD, Security, MFA, Block/Unblock Users"

    May I suggest that the unblock user setting also appear in the "Admin Center, AAD, Users, MutiFactor Authentication, select user and then click on ‘Manage User Settings" menu?

    And/or consider under "Admin Center, AAD, Security, MFA" that you point to the same menu where you can manage user…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  3. it just shows 0 of 0 users for multi factor, yet users are all enrolled and using it.

    In active directory insights, it shows 0 of 0 users for multi factor, yet i have it turned on and implemented for all users.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  4. Public API for Azure MFA cloud service

    With Azure MFA Server no longer supported for new installations as of mid-2019, RADIUS is no longer an option for Azure MFA authentication. I want to use a different (non-AzureAD) primary auth method and use Azure MFA only as a 2nd auth factor - but there is no SDK or public API access to Azure MFA cloud service. This would be very helpful now that Azure MFA server is being deprecated.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  5. NPS Extension does not allow changing expired password

    We use the the Azure MFA NPS extension for our VPN solution. It would be really helpful if there was a way to allow users to change their password when it expires. At the moment, the user gets denied access with no reason.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  6. please provide export for MFA

    Currently there is no way to track MFA status except for copying and pasting page by page the info from the MFA Status page(s) which is very tedious.

    It would be ideal if there was an export option to be able to create a worksheet to be used as a punch list for follow up.

    Also why is there no "Disabled" dropdown in addition to Any, Enabled, and Enforced?? This should be added

    Many other products have this option...this one should as well

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  7. How to use two factor authentication if do not have a cell phone or second email?

    How to use two factor authentication if do not have a cell phone or second email? I do not have a businesses or personal cell phone. My business will not provide it. I already asked. I have only business email. No personal email. Is there other ways to use two factor authentication? Plus I heard that skimming a cell phone is possible to get around two factor authentication. Is that a way to place a real or fake cell phone on computer so that I can use two factor authentication? I read an article that people are using that to…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow user's MFA for common propogate to other domains

    You can reset your MFA options at https://aka.ms/mfaSetup.

    But the changes don't propagate to other AZ domains.

    So if the Admin only has Authenticator enabled in a custom domain and he changes phone or loses his phone. The Admin will be locked out forever. The custom domain never getd updated with the MFA phone updated in the Common domain, And the Admin can't self service to update the MFA phone either.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  9. I don't need this

    Make this stupid frustrating waste of time optional. I do not care about security concerns, and I know for a fact that this has only caused problems for my fellow students. I understand a level of security, but this is more secure than my freaking bank account. Just let me opt out so I don't need to find my phone whenever I want to check my email or my homework.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  11. We need to set Alert in Conditional Access Policy if someone successfully access from Outside India if policy violates.

    We have Conditional Access Policy to restrict users if someone access from Outside India MFA should be triggered. This policy is working fine but if someone successfully hack the user account and Successfully Login from Outside India, alert should be configured but alert configuration option is not available in Azure. Please add this option which will improve the user experience.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow security questions as authentication methods for mfa

    If a user does not have access to their phone allow them to be able to answer security questions to satisfy MFA request

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  13. MultiFactor on a Plane with WiFi

    Need a way to accommodate two-factor on a plane. While WiFi for your laptop/device is available, receiving a text or phone call is not possible. Trying to login to any Microsoft services does not seem possible.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  14. 2-Factor Authentication after Phone Reset.

    After I reset my phone to factory default, my Authenticator App can not add me up to my account any longer. What Can I do now?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  15. There seems to be no Azure AD role to manage OATH tokens

    Currently it seems only Global Admins can manage OATH tokens in Azure AD. Would be good if you could delegate that topic.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  16. mfa

    Shorten cooldown for MFA

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  17. an additonal solution to MFA Authentication is introduced in the event that neither the Authenticator App codes or Phone contact don't work

    Recently my previous Mobile device broke & fortunately I had a back up I could simply reinstate the new device. Nevertheless, when it came to the Authenticator App, this fell miserably on it's nose. The generated codes were no longer accepted & the Mobile did not receive the Authentication message being sent when I needed to log into the Azure Portal.
    Principally I was locked out. As a one man show, I do not have additional colleagues that have global Admin rights.
    I see this could be a problem in the future when more small businesses commit themselves to operating…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  18. Change the message text to "Use a verification code from my mobile app or hardware token"

    Currently, when users configured Azure MFA for hardware token and phone number, they can choose MFA method when signing in azure portal.
    In the Azure AD logon page, users see following options.

    -------------------------
    ・ Use a verification code from my mobile app
    ・ Text +XX XXXXXXXXX
    -------------------------

    It's not intuitive for customers to choose "Use a verification code from my mobile app" even though they are using hardware token.
    So please change the message text to "Use a verification code from my mobile app or hardware token".
    I am support professional and I am receiving unnecessary support calls from users…

    15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  19. Show Sign-in info (location, client, device-type, etc) in Authenticator app

    especially for users (e.g. admins) who receive a lot of MFA signin requests via their Authenticator App (sometimes at unexpected moments), it is crucial that they can quickly verify where the authentication request originated from (detailed location info) and more details on the device (client app, device-type, etc) so the user can make an informed decision if the MFA authentication request on his phone is legitimate or not.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
  20. Change B2C default setting for MFA phone number masking.

    B2C MFA service display user phone number as "***-***-123456" by default. I feel it is unfamiliar because of inserted hyphen.

    I think it is better "+XX XXXXXXXX56" same as Azure AD MFA service does.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Multi-factor Authentication  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 16 17
  • Don't see your idea?

Feedback and Knowledge Base