Skip to Content
ReportsSecurity ReportsMFA Status Report

MFA Status Report

Multi-Factor Authentication enrollment and usage status across all users. Identify users without MFA, track adoption rates, and monitor authentication method distribution.

Overview

The MFA Status Report provides comprehensive visibility into Multi-Factor Authentication adoption across your managed tenants. Identify users who have not enrolled in MFA, track which authentication methods are being used, and monitor MFA enforcement compliance.

Report Columns

ColumnDescription
UserDisplay name and user principal name
MFA StatusEnabled, Enforced, Disabled, or Per-User
Registration StatusRegistered or Not Registered
Default MethodPrimary MFA method configured
Methods RegisteredAll MFA methods the user has registered
Last MFA DateDate of the most recent MFA challenge
Admin AccountWhether the user holds an admin role
Conditional AccessWhether MFA is required via CA policy

MFA Status Categories

  • Enforced — MFA is required for every sign-in
  • Enabled — MFA is available but not yet enforced for all sign-ins
  • Conditional — MFA is required based on Conditional Access policies
  • Disabled — MFA is not configured or required
  • Not Registered — User has not completed MFA registration

Warning: Users without MFA enabled are significantly more vulnerable to account compromise. Admin accounts without MFA represent a critical security risk.

Authentication Methods

MethodDescription
Microsoft AuthenticatorPush notifications or TOTP codes
SMSText message verification codes
Phone CallVoice call verification
FIDO2 Security KeyHardware security key
Windows HelloBiometric or PIN authentication
EmailEmail verification (less secure)

Adoption Metrics

  • Overall MFA adoption rate — Percentage of users with MFA
  • Admin MFA rate — Percentage of admin accounts with MFA
  • Registration completion — Users registered vs. total users
  • Method distribution — Which MFA methods are most popular

Filters

  • MFA Status — Enabled, Enforced, Disabled, Not Registered
  • Admin Accounts — All users, Admins only, Non-admins only
  • Method — Filter by specific authentication method
  • Tenant — Filter by managed tenant

Graph API Data Sources

  • GET /reports/authenticationMethods/userRegistrationDetails
  • GET /reports/credentialUserRegistrationDetails

API Reference

  • GET /api/reports/security/mfa-status — Get MFA status report
  • GET /api/reports/security/mfa-status/summary — Get adoption summary
  • POST /api/reports/security/mfa-status/export — Export report data
Last updated on
DLP Incidents ReportRisky Sign-Ins Report