Microsoft to Enforce Multi-Factor Authentication on Azure Portal Logins

Microsoft announced that it will enforce mandatory multi-factor authentication (MFA) for all sign-in attempts to the Azure portal and other administrative interfaces.

The new requirement aims to block unauthorized access to high-value cloud resources by adding an extra layer of verification beyond passwords. According to Microsoft’s own research, enabling MFA can prevent over 99.2 percent of account compromise attacks, making it one of the most effective defenses against credential theft.

From October 1, 2025, Microsoft will require MFA for operations performed through the Azure CLI, Azure PowerShell, the Azure mobile app, infrastructure-as-code (IaC) tools, and Control Plane REST API endpoints when creating, updating, or deleting resources.

Microsoft cautions against using user accounts for automated and encourages organisations to migrate user-based service accounts to secure, cloud-based workload identities such as managed identities or service principals.

Read More:

https://gbhackers.com/microsoft-equire-multi-factor-authentication-on-azure/

Skip to content