To quickly find whether individual users have MFA (Multi-Factor Authentication) configured:

  • Log in to Microsoft Office 365 Admin Portal > All admin centres > Microsoft Entra (or just go there directly:
  • Identity > Users > All Users > [click on a user] > Authentication Methods.
  • If at the top you see the message shown below, switch to the new experience.
  • If the user has MFA enabled, it will look something like this:

Obviously, it would be quite laborious to check a large number of users this way. PowerShell to the rescue!

  • Open Elevated (run as admin) PowerShell
  • Connect to Azure Active Directory: Connect-MsolService
  • Run the following script:
    Get-MsolUser -all | select DisplayName,UserPrincipalName,@{N="MFA Status"; E={ if( $_.StrongAuthenticationMethods.IsDefault -eq $true) {($_.StrongAuthenticationMethods | Where IsDefault -eq $True).MethodType} else { "Disabled"}}} | FT -AutoSize

Credit for this goes to Reddit users.

November 2023
Microsoft Office 365
Exchange Online


No comments

Leave your comment

In reply to Some User
Captcha Image