Microsoft MFA is Mandatory for Accessing Azure from July 2024

Let’s discuss Microsoft MFA, which will be Mandatory for Accessing Azure from July 2024. Microsoft recently announced that it will roll out additional tenant-level security measures to require multi-factor authentication (MFA) for Azure users.

Do you know what MFA is? Multi-factor authentication (MFA) is a process in which users are prompted for an additional form of identification during the sign-in process. You will need to get ready to MFA-enable your access to Azure services from July 2024.

As you all know, MFA is very important for accessing various services to verify their identity before accessing. It is the best method for ensuring your security in the cyber world. You can protect cloud investments by establishing this security baseline at the tenant level puts in place additional security to protect.

In this blog post, I will explain why Microsoft MFA is Mandatory for Accessing Azure from July 2024. You will get complete clarifications on these changes on MFA in Azure.

Patch My PC
Microsoft MFA is Mandatory for Accessing Azure from July 2024 - Fig.1
Microsoft MFA is Mandatory for Accessing Azure from July 2024 – Fig.1

Microsoft MFA is Mandatory for Accessing Azure from July 2024

As mentioned, MFA will be mandatory for Azure Users from July 2024. MFA is working with users to provide two or more pieces of evidence to verify their identity before accessing a service or a resource. Pieces of evidence mean username, password, etc.

MFA is also a key component of identity and access management, which involves ensuring that only authorized and authenticated users can access the services and resources. MFA can prevent unauthorized access due to phishing, credential stuffing, etc. The table below provides more clarification about the upcoming changes.

Upcoming Changes for Azure UsersDetails
ScopeThe new changes will impact all users administering Azure resources through the portal, CLI, PowerShell or Terraform
ImpactOnly impact users administering resources. It will not impact apps or services hosted on Azure or any users not administering Azure resources.
ExclusionsService principals, managed identities, workload identities and similar token-based accounts used for automation are excluded.
ExpectationsNo workaround is available, such as emergency access, but details on this are currently unknown.
TimelineThe rollout will begin in July 2024. Once we have completed the rollout for portal, a similar gradual rollout will start for CLI, PowerShell and Terraform.
CommunicationThe rollout will begin in July 2024. Once we have completed the portal rollout, a similar gradual rollout will start for CLI, PowerShell, and Terraform.
Microsoft MFA is Mandatory for Accessing Azure from July 2024 – Table.1
Microsoft MFA is Mandatory for Accessing Azure from July 2024 - Fig.2
Microsoft MFA is Mandatory for Accessing Azure from July 2024 – Fig.2

Steps for Preparing for Upcoming Changes in your Organizations

Microsoft MFA will be mandatory for you within 2 months, from July 2024. Users should prepare for these changes, and it will help your organization. The 5 steps for Preparing for Upcoming Changes in Your Organizations are the following.

Microsoft MFA is Mandatory for Accessing Azure from July 2024 - Fig.3 - Creds to MS
Microsoft MFA is Mandatory for Accessing Azure from July 2024 – Fig.3 – Creds to MS

1. Export All Microsoft 365 Users MFA Status with PowerShell

You can use PowerShell to export a report on the MFA status of all users in Microsoft 365. This information helps you understand the current state of your users’ MFA settings.

Adaptiva

2. Migrate Legacy MFA and SSPR Policies to Authentication Methods

The 2nd step is the Migrate Legacy MFA and SSPR Policies to Authentication Methods. It will allow you to create tenant-wide policies from a single pane of glass.

3. Setup Registration Campaigns for MFA in Microsoft Entra Admin Center

It is the best way to encourage users to adopt a stronger multi-factor authentication method. It helps to provide a good security posture for your organisation and puts you well on your way to passwordless authentication.

4. Use Managed Identities with Microsoft Graph PowerShell

Analyse any existing DevOps pipelines, Runbooks and PowerShell scripts to ensure they do not use legacy auth to authenticate Azure resources. It provides a secure way for applications to access Azure resources without administrators needing to manage additional passwords or secrets. 

5. Setup External Authentication Methods in Microsoft Entra ID

It is the fifth method for Preparing for Upcoming Changes in Your Organization. If your organisation is utilising custom controls for MFA with an external provider, migrate to External Authentication Methods ASAP.

It has a huge range of benefits to third-party identity providers and the organisations that use them to integrate more directly into Microsoft’s backbone identity systems.

Reference

Microsoft will require MFA for all Azure users

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here for HTMD WhatsApp.

Author

Gopika S Nair is a computer enthusiast. She loves writing on Windows 11 and related technologies. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She is Post Graduate Diploma Holder in Computer Science.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.