Microsoft Azure to Mandate Multi-Factor Authentication from October

August 17, 2024 – Microsoft announced yesterday that it will be mandating multi-factor authentication (MFA) from October onwards, as a security measure aimed at reducing the vulnerability of accounts to breaches.

According to Microsoft, MFA has been proven to thwart over 99.2% of account breach attempts, hence the decision to make it compulsory.

The implementation process will be rolled out in two phases:

Phase 1, commencing in October, will require MFA for logging into the Azure portal, Microsoft Entra Admin Center, and Intune Admin Center. However, this initial phase will not affect other Azure clients.

Phase 2, starting early 2025, will see the MFA requirement gradually extended to other Azure clients, including Azure CLI, Azure PowerShell, Azure mobile apps, and Infrastructure as Code (IaC) tools.

To ensure customers are prepared, Microsoft plans to send 60-day advance notices via email and Azure Service Health notifications to Entra global administrators, outlining necessary preparations. The company has also expressed willingness to grant extensions to organizations facing conditional difficulties or technical obstacles.

Leave a Reply