If a user in your organization no longer needs two-factor authentication (2FA), you can remove 2FA from their user profile. If they need access again later, you can add 2FA to the user again. You can also re-enroll 2FA if the user has trouble using the authenticator app, needs to change authenticator apps, or needs to change the device they use for the authenticator app. Users can also add and re-enroll two-factor authentication for their own user profile, but they can't remove 2FA on their own.
Note: If the user has the Managed Security Solutions permission, you must remove the permission from their user profile before removing two‑factor authentication.
To remove two-factor authentication from a user:
Try one of these popular searches:
Explore Control Center