
Hi, you need to exclude the BreakGlass from MFA. That is required in case MFA is somehow broken or the other Admins in your tenant do not have access to their devices. Excluding from MFA means authentication is by password only, so secure the credentials and ensure they are complex so it cant be easily guessed. If you are monitoring signins, be sure to monitor and report any usage by this account as well.