Ensure 'Per-user MFA' is disabled
Why This Matters
Per-user MFA is a legacy feature that conflicts with modern Conditional Access policies and security defaults. Enabling both can create inconsistent authentication states for users, weakening the overall security posture. Disabling per-user MFA ensures all accounts rely on Conditional Access for uniform, policy-driven MFA enforcement.
What Aether365 Checks
Aether365 verifies that per-user Multi-Factor Authentication is disabled for all user accounts in Microsoft Entra ID. This check appears in the Aether365 dashboard under the Entra ID checks section.