With the festive bells ringing in our ears, I thought it appropriate that we discuss MFA Fraud alerts. I came across an intriguing issue this week where a user could not register for any type of MFA factor.
See below for clearly ambiguous errors (perhaps by design) and the Azure AD sign in logs weren’t any help either.
After failing short on all the usual MFA suspects we were able to track down the issue to the Fraud Alert Settings where we of course found the user in question who was having MFA related issues.
If you have the MFA Fraud Alert settings enabled, make sure you have the MFA notifications enabled, send it to the right person and follow up the alerts in a timely manner.
In the meantime I'm sure Microsoft will help administrators with some less ambiguous errors... hopefully ;)
Enjoy the break and see you next year!
Step 2: We've sent a text message to your phone
on +XX XXXXXXXXX
Via Azure Authenticator Mobile App
We couldn’t add the account. Please verify that the activation code is correct and push notifications are enabled on this device for the app.
MFA Admin | Unblock Users