Azure Administrator > Identities > Multi-factor authentication (103)

✔ configuring MFA (recomended method)

the recomended way is from Conditional Access Policy

works only for MFA on the cloud

✔ configuring MFA (traditional method)

the traditional way is enable by changing the user state

works for MFA on the cloud AND MFA servers

it overrides the Conditional Access Policy

✔ configuring with PowerShell

# enables MFA for an individual user
Set-MsolUser 
-UserPrincipalName $user
-StrongAuthenticationRequirements $sta

✔ other settings

Fraud alerts = users can report fraudulent attempts to access their resources using the mobile app or through their phone

Bypass options = allows a user to authenticate a single time without performing 2-step verification

Trusted IP’s = bypasses 2-step verification for users who sign in from the company internet

Verification methods = choose the verification methods that are available for your users