Reset MFA Authenticator setup as an admin
For several months now, the "Additional security verification" page (http://aka.ms/setupmfa) from Azure MFA has memorized the Authenticator app and the corresponding device. (See attachment)
Please offer the possibility to the administrators to remove the old paired device and the associated Authenticator app.
Reason (for us):
To configure Windows Hello 4 Business the Authenticator app must be used. Many employees have connected an old device that they no longer own or use.
We do not have the SMS option set to available, and have set Multi-Factor Auth to Enforced. Using the "manage settings" from the MFA portal is still using the old rememberd app authenticator setup.
So we need to reset the MFA setup of the users as an admin
I had created a MS Case (118103125001314) for this, but the question is to create a user voice. Because the option with the APIs for the converged experience(SSPR&MFA) does not have an ETA yet.
I had created a duplicate of this request as it eluded my searching earlier. I've hit this issue as a user is capped at X number of registered Authenticator apps. And trying to enroll a new one gives a less than helpful error message. Or in the preview enrollment, no error message at all.
Mark van Lierop commented
We experience the same problem at our company. If this user voice is implemented it would be a great improvement for Windows Hello for Business. As Global Admins we have to reset MFA for users right now. That would be another significant improvement; delegation of MFA reset or giving Helpdesks to reset MFA for us!
This would really help admins implementing Hello for Business !