{“lastseen”:”2025-09-05T16:44:53″,”description”:”As cyberattacks become increasingly frequent, sophisticated, and damaging, safeguarding your digital assets has never been more critical, and at Microsoft, your security is our top priority. Microsoft research shows that multi-factor authentication (MFA) can block more than 99.2% of account compromise attacks, making it one of the most effective security measures available.\\n\\nAs announced in August 2024, Azure started to implement mandatory MFA for Azure Public Cloud sign-ins. By enforcing MFA for Azure sign-ins, we aim to provide you with the best protection against cyber threats as part of Microsoft\u2019s commitment to enhance security for all customers, taking one step closer to a more secure future.\\n\\nAs previously announced, Azure MFA enforcement was rolled out gradually in phases to provide customers with enough time to plan and execute their implementations:\\n\\n * **Phase 1:** MFA enforcement on Azure Portal, Microsoft Entra admin center, and Intune admin center sign-ins.\\n * **Phase 2:** Gradual enforcement for MFA requirement for users performing Azure resource management operations through any client (including but not limited to: Azure Command-Line Interface (CLI), Azure PowerShell, Azure Mobile App, REST APIs, Azure Software Development Kit (SDK) client libraries, and Infrastructure as Code (IaC) tools).\\n\\n\\n\\nWe are proud to announce that multifactor enforcement for Azure Portal sign-ins was rolled out for 100% of Azure tenants in March 2025. Now, Azure is announcing the start of Phase 2 MFA enforcement at the Azure Resource Manager layer, starting** October 1, 2025**. Phase 2 enforcement will be gradually applied across Azure tenants through Azure Policy, following Microsoft safe deployment practices.\\n\\nStarting this week, Microsoft sent notices to all Microsoft Entra Global Administrators by email and through Azure Service Health notifications to notify the start date of enforcement and how to prepare for upcoming MFA enforcement.\\n\\nPrepare for mandatory MFA enforcement\\n\\n## Customer impact\\n\\nUsers will be required to authenticate with MFA before performing resource management operations. Workload identities, such as managed identities and service principals, aren\u2019t impacted by either phase of this MFA enforcement.\\n\\nLearn more about the scope of enforcement.\\n\\n## How to prepare\\n\\n### 1\\\\. Enable MFA for your users\\n\\nTo ensure your users can perform resource management actions, enable MFA for your users by **October 1, 2025**. To identify which users in your environment are set up for mandatory MFA, follow these steps. \\n\\n### 2\\\\. Understand potential impact\\n\\nTo understand potential impact ahead of Phase 2 enforcement, assign built-in Azure Policy definitions to block resource management operations if the user has not authenticated with MFA.\\n\\nCustomers can gradually apply this enforcement across different resource hierarchy scopes, resource types, or regions.\\n\\n### 3\\\\. Update your Azure CLI and PowerShell clients\\n\\nFor the best compatibility experience, users in your tenant should use Azure CLI version 2.76 and Azure PowerShell version 14.3 or later.\\n\\n## Next steps for multi-factor authentication for Azure sign-in\\n\\n * To ensure your users can perform resource management actions, enable MFA for your users by **October 1, 2025**. \\n * To understand the potential impact, apply a built-in Azure Policy definition in **audit or enforcement mode**.\\n * For the best compatibility experience, users in your tenant should use**Azure CLI version 2.76** and **Azure PowerShell version 14.3** or later.\\n * If you can\u2019t enable MFA for your tenant by October 1, 2025, the **Global Administrator** for your tenant can postpone the enforcement date through Azure Portal.\\n * Keep an eye out for further communications through the previously communicated notification channels.\\n\\n\\n\\nThe post Azure mandatory multifactor authentication: Phase 2 starting in October 2025 appeared first on Microsoft Security Blog.”,”published”:”2025-09-05T15:00:00″,”modified”:”2025-09-05T15:00:00″,”type”:”mssecure”,”title”:”Azure mandatory multifactor authentication: Phase 2 starting in October 2025″,”source”:””,”references”:””,”id”:”MSSECURE:4A4D25E4625AE72131D19D3FE55AD8F6″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/azure.microsoft.com\/en-us\/blog\/azure-mandatory-multifactor-authentication-phase-2-starting-in-october-2025\/”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-09-05T16:44:53″,”description”:”As cyberattacks become increasingly frequent, sophisticated, and damaging, safeguarding your digital assets has never been more critical, and at Microsoft, your security is our top…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,110,13,33,7,11,5],"class_list":["post-16112","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-mssecure","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n