 All right, Mary says, two-step verification help, please. I keep going in circles. I'd like to turn this off for my entire organization, licensed and guest users. Can I do that as an admin or is it per individual? I just want them to be able to log in. If it is per individual, can you show me steps that work? Every article I find and try the link for the security center, it asks for my login and says I don't exist. Before you get into answering the question, can we just start by saying no, stop. Don't turn it off. That's what I was going to say. I was going to begin with Mary, yes, you exist. Then, no, you don't exist. Yeah. Let's break this down. First of all, Mary shouldn't even be entering this realm here talking about turning off security and just having them log in. I understand it's easiest path to water, but what's going to happen is they're going to get to the water and they're all going to drown when you guys get compromised. So this is not something you really want to do, number one. Number two, yes, you can turn this off for your entire organization or by individuals or the entire org. MFA is something that you set up on an org level. You set up the different types of MFA that are allowed, the security questions, the SMS, all that kind of stuff. And then you can set it on an individual level and you can even force the individual level of what MFA process or different types you can use. So the confusion I have, well, one confusion in this question I have many, is you say license and guest users. Guest users can't, I mean, they're not licensed. So I don't think you can actually work with MFA and a guest user because they don't have a license. They're being forced on their side. Right, they're being forced on their login. Right, right, because they're using an external identity to authenticate to your tenant. So yeah, there's nothing you can do there. You just want them to be able to log in in a perfect world that we could all just log in, but that's not the reality anymore. It's per individual, can you show me steps at work? That well documented steps on how to enable and disable MFA out there in Microsoft Docs. And every article says, you know, go to the link for the security center. Absolutely, that's where MFA is done now. It asks for your login and says I don't exist. This may be going back to a organizational or a personal account type login. You definitely have to use an org login and you have to be a security administrator or a global admin in your tenant in order to alter MFA. So again, I'm saying in the links, you know, not enough detail, we need more information of why, you know, she would even want to attempt something like this, you know, and if she can't log in and it's not an account issue, maybe it's just something with her role, you know, and what her role is set up to be. But it says if you don't exist, then I don't think it's a role. I think it's like it can't find your account. And, you know, I don't exactly know how that would be unless you are using the wrong account, yeah. The wrong account. Yeah, one thing I'd say that, you know, have an MFA and the Authenticator app and I've just been moving everything over to the Microsoft Authenticator app. It's fantastic. Now, you know, having that as a resource, it's a bit of a pain, but for the security benefit of having that, it's fantastic. But where I've run into issues is exactly the point where I realize, you know what, because I use my multiple machines, I have my work device, I have my homework station, multiple browsers, I'm doing multi-tenant things. So I'm logging into different environments, you know, in different browsers and things around there. It's been where I have tried to log in using the wrong profile. That's where I've run into that issue. And so I stop and I go back and start over and then it works. Well, and then I've also found that, you know, the Incognito or, you know, that type of mode, I don't want to brand Incognito because I know they're private windows, all that other kind of stuff. Those can be your friends because browsers cache and as if we all know, if you've gone into, you know, Office 365 and you log in and then close your browser, reopen it and log back in or click on a link to go to 365, it automatically logs you in because it cache that credential information for a period of time, you know, that can happen. You need to start with kind of a clean slate. You need to go with a private motor and Incognito and make sure that, you know, you don't have any, you know, stale artifacts sitting out there that are, you know, getting in the way. As best practices for your users, Mary, one thing you might consider doing is educate them on how to use profiles, both Chrome, Edge and most of the modern browsers now gave you the ability to create profiles. And I like what Chrome does especially where you log into, you create a profile in Chrome and you log into Microsoft 365 and you create another profile in Chrome and go to log into Office, or go to log into M365, there is no overlap. So you're logged in to two different instances in two different profiles and it's completely clean. Edge is a little bit messier in the fact that I can be in my profile and Edge and go to log in and it might ask me if I wanna use credentials from another profile, it still keeps the cache clean, it's just a little bit funkier user experience. But either way, if you have people doing multiple accounts, teach them about profiles and their lives will be much easier. Well, and everybody's probably familiar with that box that comes up, right? It says you don't wanna reduce the amount of, you know, times you have to re-log in or log in. After you authenticate, you get this box that comes up and you say yes or no to it. You say yes, it's caching your credentials. It's actually, you know, adding it to the Windows credential store on your local machine. I don't know if you knew that background on that, but it's actually adding it to what they call the credential store and it's cached locally on your machine. So you don't have to, it has a token timeout to it. So it actually will timeout after a period of time, but it extends it, you know, and makes it so you don't have to authenticate multiple times if you're going into like, say, into Power Automate from M365 into, you know, Security Center, which is a separate, they're all separate little websites, if you will, are portals that they're not, you know, seamless through the M365 portal. They open up their own tabs and go that way. So it just goes out to the credential store and pulls those credentials out and uses them.