Microsoft 365 Admin Center: Multi-factor authentication soon mandatory
2025, a password will no longer be sufficient to log in to the Microsoft 365 Admin Center. MFA codes will make it more difficult to hijack accounts.
(Image: peterschreiber.media/Shutterstock.com)
Microsoft wants to protect Microsoft 365 accounts more effectively against cyberattacks and is therefore tightening up the login process in the Admin Center. The introduction of mandatory multi-factor authentication (MFA) is set to begin at the start of 2025.
Extra layer of security
If MFA is active, a code is required in addition to the password to log in. This is generated by an authenticator app, for example. If an attacker already knows a password, this is no longer sufficient to access and compromise an account when MFA is active. In addition to the password, an MFA code is also required to log in.
Videos by heise
In an article, Microsoft states that MFA is to become mandatory for the Microsoft 365 Admin Center. According to their own information, they want to start this from February 2025. Of course, admins can already activate MFA in the account settings. There, they can also check whether the extended login procedure is already active.
To make the changeover easier, Microsoft has compiled information on hardened sign-in in an article. There is also an FAQ on the subject and suggestions on how the changeover works in the context of third-party identity providers.
More MFA
Microsoft announced the roadmap for the introduction of MFA in Azure back in August of this year. The first phase of the transition started in October and MFA is mandatory for logging into the Azure Portal, Microsoft Etra ID Admin Center and Intune Admin Center. Azure CLI, Azure PowerShell, Azure Mobile App and Infrastructure-as-Code tools (IaC) will follow in 2025. This will take place under the umbrella of Microsoft's Secure Future Initiative (SFI).
(des)
