We help IT Professionals succeed at work.

MFA authentication international locations

How does password reset works in international locations with MFA.  Here in US I can input a phone number in AD Mobile field. example +1-415-111-1111
Then it sends a code to the phone and you confirm.  Would it work with international locations?  Example China +86-180-1111-1111

https://passwordreset.microsoftonline.com/
Comment
Watch Question

MaheshArchitect
Distinguished Expert 2019

Commented:
Ideally you will adding ISD code of country followed by his cell number...the purpose is to cover entire globe

That will work if number is valid one

Author

Commented:
Thanks.  I guess another questions particularly about Chinese regulations.  I know they blocking direct access to the major sites like ms, azure, okta, aws, etc.  Would it work with MFA code sent from MS reset to their phones?
Architect
Distinguished Expert 2019
Commented:
Please check with Microsoft Azure Support, for China I think MFA is not allowed, but I don't know as I never worked with any china Azure tenants

https://feedback.azure.com/forums/34192--general-feedback/suggestions/10170426-add-mfa-in-china-azure
btanExec Consultant
Distinguished Expert 2019

Commented:
Depends but good to clarify the availability
Azure AD Premium and its capabilities is not currently available in Tenants hosted in our Mainland China Azure AD instance such as when a company signs up for Office 365 or Azure operated by our partner 21Vianet.

A company with Tenant in our Global Azure AD instance, hosted in our global datacenters, has access to Azure AD Premium services and all employees in that Tenant, including those in China, can leverage the services.
The SMS will works and there are other reset option
We do have other options available for both SSPR and MFA that do not require SMS/Phone calls (e.g. Azure Authenticator app for MFA and Q/A gate for SSPR) but does require internet connectivity.

Fun Fact: For Azure MFA, you can change the Caller ID Phone Number but this is only from US phone numbers only.
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/AzureAD-Mailbag-International-Deployments-Round-2/ba-p/250025

Other interesting info
Azure AD Password Reset is localized into the full Office language set. SSPR uses the user's browser locale when choosing how to localize the SSPR page and all of its communication (SMS, voice, question languages).
https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/AzureAD-Mailbag-International-Deployments/ba-p/250020