Leagcy portals to control MFA is set to retire in September 2025

Microsoft recently introduced a new campaign to encourage users to register for Multifactor Authentication, and move away from less secure authentication methods, such as SMS and phone calls. When users sign in with these legacy methods, they will be prompted to set up the Microsoft Authenticator. Users can ignore this a couple of times, but will eventually be forced to register.

IT administrators looking for guidance on how to control the behavior, start an early migration or maybe exempt certain users, can follow this guidance

As a follow-up to this new way of controlling MFA, Microsoft recently announced that the legacy version of Multifactor Authentication will be retired on September 30th, 2025. Organizations are advised to transition their authentication methods before the deadline in 2025.