Following Microsoft’s anticipated changes, we are phasing out the management action “Reset MFA” in favor of the new action “Reset authentication methods”. This article outlines the key differences between these two actions and provides guidance for making the necessary updates before the transition is fully implemented.
Key differences
Cmdlet update
The “Reset MFA” action relies the MSOnline cmdlet Reset-MsolStrongAuthenticationMethodByUpn, which Microsoft is phasing out in March 2025.
To ensure uninterrupted service, please update all workflows and permissions utilizing the “Reset MFA” action to the new “Reset authentication methods” action before this deadline.
Field change
The “Reset MFA” action operates on a field known as “Strong authentication methods”, whereas the new action will use the field “Registered authentication methods”. Both fields can be accessed through the user's report.
Authentication methods that can be removed
The “Reset authentication methods” action allows the removal of the following authentication methods:
- FIDO2
- Microsoft Authenticator
- Phone
- Software Authenticator
- Temporary access pass
- Windows Hello for Business
It is important to note that password authentication is not included in this list, as Microsoft does not permit its removal through this action.
Consent permissions
To utilize the “Reset authentication methods” action, the consent permission required is UserAuthenticationMethod.ReadWrite.All. This is identical to the permission already necessary for managing MFA. If organizational or individual consent has not been granted yet, it will be mandatory to do so to effectively use the new action.
Importing Authentication Method information
Please ensure you have granted this consent permission if you want to include Authentication Method information in the partial import. For more details on using a consent link, refer to the “How to provide consent to activate the Entra ID reports feature and activate partial import?” article.
Workflow
The “Reset authentication methods” action is also available as a workflow action.