[German]Microsoft will introduce multi-factor authentication (MFA) for Azure resource management starting in October 2025. Administrators should respond promptly.
The document Planning for mandatory multifactor authentication for Azure and other admin portals contains a reference to the upcoming change under "Phase 2 Application." It states that, starting October 1, 2025, Microsoft will gradually introduce MFA enforcement for accounts that log in to Azure CLI, Azure PowerShell, the Azure mobile app, IaC tools, and REST API endpoints to perform create, update, or delete operations. MFA is not required for read operations.
Some customers may use a user account in Microsoft Entra ID as a service account. Microsoft recommends migrating these user-based service accounts to secure cloud-based service accounts with workload identities.
Bleeping Computer write here that this change is part of Microsoft's Secure Future Initiative (SFI). To avoid compatibility issues, users are also advised to update Azure CLI to version 2.76 or higher and Azure PowerShell to version 14.3 or higher.
Global administrators who need more time to meet the requirements can postpone the implementation date until July 2026.
