How does ServiceNow enforce MFA through its system propertiesSummaryTo extend the deadline for MFA enforcement of local user logins (and this would be the case with the upgrade to Yokohama or above), set the glide.authenticate.multifactor.enforcement.max_relaxation_period property to a high value (maximum allowed is 270 days) and then set the glide.authenticate.multifactor.self_enrolment_period value to its maximum of 90 days. By doing the above, your local login users will not be forced to use MFA for a period of 270 days since the upgrade to Yokohama or above and on its completion, they will then be checked against a sliding window period of 90 days (the maximum or whatever you set in the ...self_enrolment_period system property). If the sliding window period exceeds as well, then they will be forced to a MFA setup page and the local user would have to configure and validate their MFA before logging-in. Related Linkshttps://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1709783