The need for MFA is more important than ever, as cyberattacks are becoming more frequent, sophisticated, and damaging.
MFA is a security method commonly required among cloud service providers and requires users to provide two or more pieces of evidence to verify their identity before accessing a service or a resource. It adds an extra layer of protection to the standard username and password authentication.
Microsoft announced that they will enforce mandatory multifactor authentication (MFA) for all Azure sign-in attempts; the roll-out of this requirement will be gradual to minimize impact on your business.
The enforcement will roll out in two phases:
-
Phase 1: Starting in October 2024, MFA will be required to sign in to the Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center. The enforcement will gradually roll out to all tenants worldwide.
-
Phase 2: Beginning in early 2025, MFA enforcement gradually begins for sign in to Azure CLI, Azure PowerShell, Azure mobile app, and IaC tools.
Microsoft will notify all Microsoft Entra Global Administrators through the following channels:
-
Email: Global Administrators who have configured an email address will be informed by email of the upcoming MFA enforcement and the actions required to be prepared.
-
Service health notification: Global Administrators will receive a service health notification through the Azure portal, with the tracking ID of 4V20-VX0. This notification contains the same information as the email. Global Administrators can also subscribe to receive service health notifications through email.
- Portal notification: A notification appears in the Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center when they sign in. The portal notification links to this topic for more information about the mandatory MFA enforcement.
- Microsoft 365 message center: A message appears in the Microsoft 365 message center with the same information as the email and service health notification.
Read more: