Mandatory MFA for Microsoft Entra ID: What M365 Manager Plus users need to know

Mandatory MFA for Microsoft Entra ID: What M365 Manager Plus users need to know

Starting October 15, 2024, Microsoft Entra ID, Microsoft Intune, and other Microsoft Azure applications will require users to sign in with Microsoft Entra MFA. The article on Microsoft Entra's mandatory multi-factor authentication (MFA) explains their plans to enforce MFA for all users and administrators accessing certain applications. This enforcement aims to bolster security by requiring an additional authentication factor, such as a mobile app or hardware token, beyond just passwords.

For more information on the mandate, check out our blog on Why Microsoft is mandating MFA for Entra ID and Azure.

Key takeaways

Impact: The mandatory MFA applies to administrators using the Azure portal, Microsoft Entra admin center, and Intune admin center. MFA adds an extra layer of security to help prevent unauthorized access.

Options: Admins can apply for a grace period on this page if they are not ready before October 15, 2024, but enabling MFA as soon as possible is encouraged.

 

Enforcement phases  

The enforcement of MFA rolls out in two phases:

  • Phase 1 starts on Oct 15, 2024: MFA will be made mandatory for access to admin portals for apps such as Entra ID, Azure, and Intune. MFA will also be required when accessing any services managed with the Microsoft Intune admin center, such as Windows 365 Cloud PCs.

  • Phase 2 starts in early 2025: MFA will be enforced for the Azure CLI, Azure PowerShell, Azure mobile app, and Infrastructure as Code tools. Customers using user accounts as service accounts are advised to migrate to more secure, cloud-based service accounts with workload identities.

 

 

Impact on M365 Manager Plus

M365 Manager Plus will not be impacted by this MFA requirement for the first phase since the applications specified are not utilized for any functions by M365 Manager Plus. Therefore, there is no need for any action or remediation to continue using M365 Manager Plus. We are preparing for the second phase of this enforcement and will have a solution to use M365 Manager Plus seamlessly without being affected by this mandate.


                  New to ADSelfService Plus?