Source URL: https://azure.microsoft.com/en-us/blog/azure-mandatory-multifactor-authentication-phase-2-starting-in-october-2025/
Source: Microsoft Security Blog
Title: Azure mandatory multifactor authentication: Phase 2 starting in October 2025
Feedly Summary: Microsoft Azure is announcing the start of Phase 2 multi-factor authentication enforcement at the Azure Resource Manager layer, starting October 1, 2025.
The post Azure mandatory multifactor authentication: Phase 2 starting in October 2025 appeared first on Microsoft Security Blog.
AI Summary and Description: Yes
Summary: Microsoft is enforcing mandatory multi-factor authentication (MFA) for Azure Public Cloud sign-ins as a critical security measure against increasing cyber threats. The phased rollout aims to enhance security and requires user compliance by October 1, 2025, ensuring all users are adequately prepared for the expected changes.
Detailed Description: The enforcement of mandatory multi-factor authentication (MFA) by Microsoft for Azure Public Cloud is a significant effort to bolster security and protect against cyberattacks. The details of this initiative include:
– **Importance of MFA**: Microsoft research indicates that MFA can block over 99.2% of account compromise attacks, establishing its vital role in strengthening security.
– **Rollout Phases**:
– **Phase 1**: Focused on the Azure Portal, Microsoft Entra admin center, and Intune admin center sign-ins, completed as of March 2025.
– **Phase 2**: Begins on October 1, 2025, focusing on MFA enforcement at the Azure Resource Manager layer for resource management operations, impacting various Azure management interfaces including Azure CLI, Azure PowerShell, and Infrastructure as Code tools.
– **Communications and Notices**: Microsoft has begun sending communications to Global Administrators regarding the enforcement details and preparation steps.
– **Customer Impact**:
– Users must authenticate with MFA for resource management tasks, while managed identities and service principals remain unaffected by this enforcement.
– **Preparation Steps**:
1. **Enable MFA**: Administrators must enable MFA for users prior to the enforcement date to ensure access continuation.
2. **Understand Impact**: Azure Policy definitions should be assigned to block operations unless MFA is authenticated.
3. **CLI and PowerShell Updates**: Encourage users to update to compatible versions of Azure CLI and PowerShell to ensure the seamless operation of resources under MFA enforcement.
– **Next Steps**: Encouragement of actions required from tenants to adapt, with provisions for postponement available through the Azure Portal if necessary.
Overall, this initiative not only strengthens security measures but also aligns with Microsoft’s ongoing commitment to enhance protection for its customers within Azure, reflecting best practices in security compliance and administration. Security professionals should particularly note the importance of preparation strategies as they relate to compliance with the upcoming MFA requirements.