In an effort to boost security for users and organizations, Microsoft has decided to require multifactor authentication (MFA) for all accounts trying to access the Microsoft 365 admin center. The company said that this will be the policy from February 3, however, it'll be rolled out in phases, and you'll be warned 30 days before it affects you via the Microsoft 365 admin center message center.
If you want to bolster your security already, there is no need to wait for Microsoft to make this change for you. Microsoft has given these recommended actions for anyone that wants to secure themselves now:
- Global admins: To set up MFA in your organization now, visit the MFA setup guide at aka.ms/MFAWizard or refer to Set up multifactor authentication for Microsoft 365
- Users accessing the Microsoft 365 admin center: Check your verification methods and add one if needed by going to aka.ms/mfasetup.
According to the Redmond giant, MFA leads to a 99.22% reduction in risk of account compromise. Given that the M365 admin center lets you control your organization's settings, users, licenses, subscriptions, and more, it's a wise choice to enforce MFA for anyone trying to access it.
Microsoft said it understands that organizations may have complex set-ups and may need more time to prepare for the MFA requirement. If this is the case in your organization, then you can request an extension through the Azure portal. It should be noted that this is only a postponement, eventually, everyone will have to switch to MFA.
If you want to learn more in-depth information about this change, head over to Microsoft's announcement and have a look through the FAQs to see if your questions are answered.
4 Comments - Add comment