{"id":4944,"date":"2024-08-19T15:27:54","date_gmt":"2024-08-19T20:27:54","guid":{"rendered":"https:\/\/www.darkreading.com\/identity-access-management-security\/microsoft-will-require-mfa-for-azure-services"},"modified":"2024-08-19T15:27:54","modified_gmt":"2024-08-19T20:27:54","slug":"microsoft-will-require-mfa-for-azure-services","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/08\/19\/microsoft-will-require-mfa-for-azure-services\/","title":{"rendered":"Microsoft Will Require MFA for Azure Services"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/blt905b609b016d212b\/66c4712e4e0cbb42268d1eb1\/mfasecurity-geniusstudio-AdobeStock.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Starting in October, all Microsoft Azure customers will be required to have multifactor authentication (MFA) enabled on their accounts, Microsoft said.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">From Microsoft&#8217;s perspective, requiring MFA across its entire customer base will help reduce the risk of account compromise and data breaches. MFA can <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RW166lD?culture=en-us&amp;country=us\" rel=\"noopener\">block more than 99.2% of account compromise attacks<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, according to the company.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Mandatory MFA will be turned on for Azure portal, Microsoft Entrata admin center, and Intune admin center, wrote Azure Computer principal product managers Naj Shahid and Bill DeForeest <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/announcing-mandatory-multi-factor-authentication-for-azure-sign-in\/\" rel=\"noopener\">in a blog post<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">. Notifications will start going out to customers via email and Azure Service Health Notifications to give them time to prepare. Customers will receive the date enforcement will begin as well as actions that need to be taken before that date.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Mandating MFA for Azure is part of <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.darkreading.com\/application-security\/microsoft-will-hold-executives-accountable-for-cybersecurity\" rel=\"noopener\">Microsoft&#8217;s Secure Future Initiative<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> announced last year to integrate key security features into its products and services. Recent data breaches, such as the attacks against Snowflake customers, succeeded because the compromised systems did not have MFA enabled.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Organizations can choose from an array of MFA options, including Microsoft Authenticator, FIDO2 security keys, certificate-based authentication, and passkeys. While less secure, SMS or voice forms of MFA will also be acceptable, Microsoft said.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Organizations with complex environments or facing technical barriers to adopting MFA can request additional time. Mandatory MFA will not be required for Azure Command Line Interface, Azure PowerShell, Azure mobile app, and infrastructure-as-code tools until early 2025.<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/identity-access-management-security\/microsoft-will-require-mfa-for-azure-services\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Starting in October, all Microsoft Azure customers will be required<\/p>\n","protected":false},"author":12,"featured_media":4945,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-4944","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=1300%2C731&ssl=1",1300,731,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=1300%2C731&ssl=1",1300,731,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=1300%2C731&ssl=1",1300,731,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsoft-will-require-mfa-for-azure-services.jpg?fit=1300%2C731&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4944"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4944\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/4945"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}