Anyone know why an account located in an OU that authenticates to google (not our sso), that requires 2sv/mfa, and the user is not in the mfa bypass group, logged in 4 hours ago? Their account has been in this OU for over 1 year and nothing has changed around the OU requiring 2sv or being in the mfa bypass group we have...
Would the lastlogintime be updated if the person signed in 4hr ago but was prompted with the "your account doesn't meet organization mfa requirements"?
