Microsoft Azure will introduce mandatory multi-factor authentication (MFA) in a bid to stop cyberattacks

The rollout for the new authentication method will start in October.

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Microsoft Azure MFA

Microsoft has announced a significant shift in its security protocol for Azure users. Starting this October, the tech giant will begin enforcing mandatory multi-factor authentication (MFA) for accessing the Azure portal, Microsoft Entra admin centre, and Intune admin centre.

This decision isn’t just a whim; it’s a calculated move to combat the ever-increasing threat of account compromise attacks. Microsoft’s data shows that MFA can block over 99.2% of these attacks.

Ensuring Azure accounts are protected with securely managed, phishing-resistant multifactor authentication is a key action we are taking. As recent research by Microsoft shows that multifactor authentication (MFA) can block more than 99.2% of account compromise attacks, making it one of the most effective security measures available, today’s announcement brings us all one step closer toward a more secure future.

If you’re wondering whether this will affect you immediately, the answer is that it might not. Microsoft plans to roll this out gradually, so if you don’t get prompted for MFA immediately, don’t sweat it.

However, it’s only a matter of time before this becomes the new norm. It’s also worth mentioning that Phase 2 of this rollout, expected early next year, will extend MFA requirements to Azure CLI, Azure PowerShell, the Azure mobile app, and Infrastructure as Code (IaC) tools.

Microsoft is giving a heads-up with a 60-day advance notice to Entra global admins and through Azure Service Health Notifications. The company is also open to extending the timeframe for organizations that might find this transition difficult due to complex environments or technical hurdles.

Several MFA options will be available. They range from the Microsoft Authenticator app, which allows sign-ins via push notifications, biometrics, or one-time passcodes, to more advanced methods like FIDO2 security keys and certificate-based authentication. Passkeys for phishing-resistant authentication and, as a last resort, SMS or voice approvals will also be available to users.

Microsoft is serious about beefing up security and is not taking any half-measures. The Redmond-based tech giant recommends taking time to start planning for compliance to avoid disruptions in business operations.

You can read more about the new Microsoft Azure MFA authentication method here.

More about the topics: Cybersecurity, microsoft

User forum

0 messages