Thanks for the topic. Like to suggest that before shutting off SMS text as a MFA Method, check the onboarding process established by your HR and/or IT Client Services/Service Desk. I ran into this "gapping hole" where despite turning off SMS text and voice as a valid MFA Method, they were still being provisioned. Come to find out that our new employee/contractor onboarding process starts with a mobile phone number, and it never gets removed even it another MFA Method is provisioned and assigned. I am currently evaluating Entra ID "Security Information" with Temporary Access Pass (TAP). Once I can stop the bleeding at the onboarding level, I can then proceed in exercising what Louis and Merill have suggested in this podcast.
Thanks for the topic. Like to suggest that before shutting off SMS text as a MFA Method, check the onboarding process established by your HR and/or IT Client Services/Service Desk. I ran into this "gapping hole" where despite turning off SMS text and voice as a valid MFA Method, they were still being provisioned. Come to find out that our new employee/contractor onboarding process starts with a mobile phone number, and it never gets removed even it another MFA Method is provisioned and assigned. I am currently evaluating Entra ID "Security Information" with Temporary Access Pass (TAP). Once I can stop the bleeding at the onboarding level, I can then proceed in exercising what Louis and Merill have suggested in this podcast.