Microsoft says it has been implementing multifactor authentication (MFA) for Azure Portal sign-ins throughout all tenants since March 2025.
The corporate’s Azure MFA enforcement efforts have been introduced in Could 2024 when Redmond started implementing necessary MFA for all customers signing into Azure to manage assets.
One 12 months in the past, in August 2024, Microsoft additionally warned Entra world admins to allow MFA for his or her tenants by October 15, 2024, to make sure customers do not lose entry to admin portals.
After finishing the rollout for Azure portal sign-ins, the corporate will start implementing MFA on Azure CLI, PowerShell, SDKs, and APIs in October 2025 to guard customers’ accounts towards assaults.
“We’re proud to announce that multifactor enforcement for Azure Portal sign-ins was rolled out for 100% of Azure tenants in March 2025,” Microsoft mentioned on Friday.
“By implementing MFA for Azure sign-ins, we purpose to give you the very best safety towards cyber threats as a part of Microsoft’s dedication to reinforce safety for all clients, taking one step nearer to a safer future.”
These modifications observe a November 2023 announcement that Microsoft would quickly roll out Conditional Entry insurance policies requiring MFA for all admins when signing into Microsoft admin portals (together with Entra, Microsoft 365, Trade, and Azure), for customers on all cloud apps, in addition to for high-risk sign-ins.
As a part of the identical effort to spice up MFA adoption, Microsoft-owned GitHub has begun implementing two-factor authentication (2FA) for all energetic builders beginning in January 2024.
A Microsoft research from two years in the past discovered that 99.99% of accounts protected by MFA efficiently fend off hacking makes an attempt and that MFA additionally lowers the probability of account compromise by 98.56%, even when attackers try to make use of stolen credentials.
“Our aim is 100% multifactor authentication,” former Microsoft VP of Id Safety Alex Weinert mentioned on the time. “On condition that formal research present multifactor authentication reduces the danger of account takeover by over 99 p.c, each consumer who authenticates ought to accomplish that with trendy sturdy authentication.”
46% of environments had passwords cracked, practically doubling from 25% final 12 months.
Get the Picus Blue Report 2025 now for a complete have a look at extra findings on prevention, detection, and knowledge exfiltration tendencies.
