What are the Azure MFA account lockout settings?

Tags mfa azure-mfa

Overview

Accounts in Azure AD that have Azure Multi-Factor Authentication (MFA) enabled, are subject to these Azure MFA Account Lockout settings:

  • Number of MFA denials to trigger account lockout: 3 denials
  • Minutes until account lockout counter is reset: 5 minutes
  • Minutes until account is automatically unblocked: 15 minutes

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#account-lockout

Note: This setting does not affect Duo MFA protected accounts.

 

Details

Article ID: 1770
Created
Fri 11/20/20 11:25 AM