Security News > 2024 > May > Microsoft to start enforcing Azure multi-factor authentication in July
Starting in July, Microsoft will begin gradually enforcing multi-factor authentication for all users signing into Azure to administer resources.
"Service principals, managed identities, workload identities, and similar token-based accounts used for automation are excluded. Microsoft is still gathering customer input for certain scenarios such as break-glass accounts and other special recovery processes," explained Azure product manager Naj Shahid.
"Students, guest users and other end-users will only be affected if they are signing into Azure portal, CLI, PowerShell or Terraform to administer Azure resources. This enforcement policy does not extend to apps, websites or services hosted on Azure. The authentication policy for those will still be controlled by the app, website or service owners."
Microsoft also urged admins to enable MFA in their tenants before the rollout using the MFA wizard for Microsoft Entra.
According to a Microsoft study focused on analyzing the security performance of MFA methods across a large dataset of Azure Active Directory users exhibiting suspicious activity, MFA offers a big boost of protection for user accounts against cyberattacks, with over 99.99% of all MFA-enabled accounts resisting hacking attempts.
Get up to date on Microsoft Azure with $77 off this training bundle.