Hi @SotaT ,
Thanks for your question!
Could you help us understand the reason you’re looking to disable MFA? We’ve recently enforced MFA by default as part of the Yokohama release to enhance the overall security posture of your environment and protect your users against common threats like phishing and credential theft.
While we understand that MFA might initially feel like an added step, it’s one of the most effective controls to reduce unauthorized access. Disabling it could significantly increase the risk of compromise, especially in environments where sensitive data or administrative access is involved.
If your concern is around user experience or friction during login, there are a few alternatives you might consider:
-
Use of low-friction MFA methods, like FIDO2/passkeys, which offer a secure yet seamless experience.
-
Exempting MFA using the Adaptive authentication Policy MFA context,for specific risk conditions.
You can see various scenarios listed in this KB to see how you can exempt certain users, roles, and groups from the MFA mandate. If you could tell us more about your use case, we’d be happy to help you explore options that balance security and usability!
Best,
Randheer
Want to tweak the tone to be more casual, firm, or technical?
