This article provides instructions on how to configure multi-factor authentication (MFA) for KnowBe4 using Conditional Access policies in Microsoft Entra ID. Implementing MFA adds an essential layer of security, ensuring that only authorized users can access your organization's secure KnowBe4 services.

Prerequisites

To complete these steps, you must have the following:

• An active Microsoft Entra ID
• Conditional Access Administrator or Global Administrator permissions
• A preconfigured KnowBe4 single sign-on (SSO) Enterprise Application in your Entra ID tenant

Configuring the MFA Policy

To configure the MFA policy, follow the steps below:

1. Log in to your Entra ID admin center.
2. Navigate to Applications > Enterprise Applications.
3. Select your SSO application.
4. Navigate to Security > Conditional Access.
5. Click + New Policy.
6. Enter a name for the policy.
7. Under Access Controls, select Grant.
8. In the menu on the right side of the screen, select the Require authentication strength check box.
9. Use the drop-down menu to select your desired authentication level.
10. Click Select.
11. Set the Enable Policy toggle to On.
12. Click Create.