This article on Microsoft Entra's mandatory multi-factor authentication (MFA) explains Microsoft's plans to enforce MFA for all users and administrators accessing certain applications, starting Oct. 15, 2024. This enforcement aims to bolster security by requiring an additional authentication factor beyond a password, such as a mobile authentication app or hardware token.

Key points

Impact: The mandatory MFA applies to administrators using the Azure portal, Microsoft Entra admin center, Microsoft Intune admin center, and more. MFA adds an extra layer of security to help prevent unauthorized access.

Options: Admins can apply for a grace period on this page if they are not ready by Oct. 15, 2024.

Enforcement phases  

The enforcement of MFA rolls out in two phases:

• Phase 1 (Oct. 15, 2024): MFA will be required for signing in to the Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center. This phase won’t affect tools like Azure CLI, Azure PowerShell, or the Azure mobile app.

• Phase 2 (Early 2025): MFA enforcement extends to Azure CLI, Azure PowerShell, Azure mobile app, and IaC tools. Customers using user accounts as service accounts are advised to migrate to more secure, cloud-based service accounts with workload identities.

Impact on ADManager Plus

ADManager Plus is not impacted by this MFA requirement, since the applications specified in the requirement are not utilized for any functions by ADManager Plus. Therefore, as a user of ADManager Plus, there is no need to take any action.