How to disable per-user legacy MFA status in Microsoft 365

To follow this guide you will need to be an administrative user.

Alternatively, Microsoft has a PowerShell script to automate this process.

Step 1

Navigate to the Azure AD Users page. Select Multi-Factor Authentication.

Step 2

Using the "Multi-Factor Auth status" drop-down, select all users with a status of Enabled.

Under "quick steps", select "Disable".

Step 3

Now, using the "Multi-Factor Auth status" drop-down, select all users with a status of Enforced.

Under "quick steps", select "Disable".