The function of “remember multi-factor authentication”
If the customers use the function of “remember multi-factor authentication,” they don’t meet the “Partner Security Requirements”?
Regarding when to require Multi-factor authentication, it can be extended for a certain period depends upon each user (Within the extended period, MFA is not required)
# MFA has been still applied to the users. so that I believe using this function meets the security requirements.
Title : Remember Multi-Factor Authentication
<Other reference infomation>
Title : Partner Security Requirements
Title : Frequently asked questions about the partner security requirements
The setting for remembering MFA on devices will not work once technical enforcement is enabled - you can still enable it, but regardless of what has been set here the user will be forced to do MFA.
However, as mentioned in other threads before, Using Winodws 10 in Hybrid Joined scenario (when MFA was enabled when Hybrid join happened) or when Windows Hello for Business is used, it might be that MFA prompts are rarely occuring since in this case the device already has a token that includes the MFA claim - you will see in the AAD sign-in logs that MFA was not triggered because the token already features the MFA claim.
Receive consultations via Technical Presales and Deployment Services team