All Azure log-ins will soon require MFA authentication. Here's what you need to know

It’s official. Microsoft has announced that multi-factor authentication (MFA) will become mandatory for all Azure sign-ins as part of its Secure Future Initiative to strengthen account security starting in the second half of 2024.

Microsoft recently announced that it will be rolling out mandatory MFA for Azure sign-ins in two phases. The first phase, starting in October 2024, will require MFA to access the Azure portal, Microsoft Entra admin center, and Intune admin center—worldwide.

In the second phase, beginning in early 2025, MFA will also be required for other Azure tools like Azure CLI, PowerShell, the Azure mobile app, and Infrastructure as Code (IaC) tools. This step-by-step approach allows organizations time to prepare for the changes while improving overall security.

Microsoft also says it will start sending a 60-day advance notice to all Entra global admins via email and Azure Service Health Notifications to inform them of upcoming enforcement actions and what steps they need to take.

This measure is part of Microsoft’s broader $20 billion investment in security to protect identities and reduce unauthorized access. The Redmond company was thrown into hot water after the SolarWinds attack and Chinese hackers’ exploit, so last year, the Secure Future Initiative was launched.

In short, SFI uses AI and automation to detect vulnerabilities faster and reduce the time needed to fix them, while also calling for international laws to protect cloud services from cyberattacks—so much so that Microsoft has reportedly told its employees in China to ditch Android for iPhones due to cybersecurity concerns and Android’s lack of Google services in the country.