Microsoft requires MFA for all Azure users; it begins in July 2024

[German]Brief information that should have been known since mid-May 2024. Microsoft wants to improve the security of Azure user accounts. Redmond is therefore making multifactor authentication (MFA) mandatory for all Azure user accounts. Implementation is set to begin in July 2024, but will be rolled out in stages.


It will begin in Juli 2024

The information passed me by, but a user pointed this out to me on Facebook (thanks for that). Microsoft has already published the Techcommunity article Microsoft will require MFA for all Azure users on May 17, 2024. The message in this post: In July 2024, the Azure teams will begin introducing additional security measures at the tenant level that require multi-factor authentication (MFA).

Multi-factor authentication (MFA) is a security method that requires users to provide two or more pieces of evidence to verify their identity before accessing a service or resource. The proof can be something the user knows (such as a password or PIN), something the user has (such as a phone or token), or something the user is (such as a fingerprint or facial scan), Microsoft says.

The introduction of these tenant-level security baselines is intended to provide additional security to protect companies' cloud services or accounts. After the changeover, logging into an Azure user account will require a second factor for approval. The previous standard authentication using a user name and password will no longer be sufficient.

Stepwise implementation planned

Microsoft writes that the implementation of MFA sign-in for Azure user accounts will be phased and methodical to minimize the impact on customer use cases. The blog post Microsoft will require MFA for all Azure users contains helpful information from the Azure product team to help customers prepare for MFA activation of access to Azure services.

The Azure team also wants to inform customers about the specific launch dates in future via direct emails and Azure portal notifications. Corresponding information is expected in the coming months. Anyone wishing to implement MFA for access to Azure user accounts now can do so via Microsoft's Entra ID.

Entra ID supports various MFA methods, such as the Microsoft Authenticator app, SMS, voice calls and hardware tokens. Users can choose the method that best suits their needs. Administrators can also use Entra ID conditional access policies to set when MFA is required based on signals such as the user's location, device, role or risk level. Further details can be found in the linked Techcommunity article.


Cookies helps to fund this blog: Cookie settings

This entry was posted in Cloud, Security and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *