ID-06HighRecommended Secure

Complete Authentication Methods Policy Migration

Identity & Authentication control for Microsoft 365 and Entra ID

Why This Control Matters

The legacy per-user MFA system cannot be centrally managed or monitored. Migrating to the unified Authentication Methods policy enables centralized control over passkeys, FIDO2, and all MFA methods.

Expected State

When this control is compliant, your tenant should meet these criteria:

1Authentication methods policy migration state is "migrationComplete"
2Legacy per-user MFA settings are no longer active
3All authentication methods are managed via unified policy

Enforcement

Default Mode

Advisory

Alerts on deviations but does not make changes

Auto-Remediation

Manual Only

Migration requires Entra Admin Center: Protection > Authentication methods > Policies

Ready to implement this control?

TrueConfig continuously monitors your Microsoft 365 tenant for compliance with this and 50+ other security controls.