Migrate to the Authentication methods policy in Entra ID by 30 September 2025

Question

When September 30 2025 roles around, does that mean that all users in an Microsoft 365 organization have to be using MFA and have SSPR configured for the organization?

Answer 1

@Paul Marter Thank you for reaching out to us, let me explain what is authentication methods policy is - this is a feature in Microsoft Entra ID/Azure Active Directory that allows administrators to manage which authentication methods are available to users for sign-in and password reset scenarios. This policy can be used to enable or disable specific authentication methods for all users or specific groups of users. It also allows administrators to configure parameters for each authentication method to control how it can be used. The Authentication methods policy can be accessed by clicking Security > Authentication methods > Policies in the Azure portal.

Currently we have two different sections in the Entra ID portal where this is managed, legacy mfa/sspr settings policy - https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-methods-manage#:~:text=Review%20the%20legacy%20MFA%20policy

To manage everything from one section, we have decided to move the management of these settings which is legacy mfa, hence that is timeline - September 30 2025, earlier it was September 30 2024, which we changed to September 30 2025.

How to migrate it, review this https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-methods-manage

Hope this clarifies your query, if you have any further questions, feel free to post back.

Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.