October 15th MFA enforcement

Coltin Zielke 0 Reputation points
2024-09-25T19:08:46.0066667+00:00

Hello,

I have some questions and concerns about the MFA enforcement coming October 15th 2024. I am hoping we can confirm that this is for the Entra admin center, Azure portal, and Intune only?

Also i want to confirm if security defaults are going to be enforced on this date? Can we still opt out of security defaults if they are enforced?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Authenticator
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Marcin Policht 50,895 Reputation points MVP Volunteer Moderator
    2024-09-25T19:37:42.36+00:00

    Confirmed...

    The dates are listed at https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mandatory-multifactor-authentication and they do include the Entra admin center, the Intune Admin center, and the Azure portal.

    Security defaults would apply if you don't use P1 or P2 licensing (with Conditional Access). As per the aforementioned article:

    If your organization chose to retain Microsoft’s security defaults, and you currently have security defaults enabled, your users don't see any changes as MFA is already required for Azure management. If your tenant is using Conditional Access policies in Microsoft Entra and you already have a Conditional Access policy through which users sign into Azure with MFA, then your users don't see a change. Similarly, any restrictive Conditional Access policies that target Azure and require stronger authentication, such as phishing-resistant MFA, continue to be enforced. Users don't see any changes.


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin


  2. TP 126.2K Reputation points Volunteer Moderator
    2024-09-25T19:42:04.1233333+00:00

    Hi Coltin,

    I am hoping we can confirm that this is for the Entra admin center, Azure portal, and Intune only?

    Yes, only Azure portal, Entra admin, Intune admin.

    https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mandatory-multifactor-authentication#scope-of-enforcement

    Also i want to confirm if security defaults are going to be enforced on this date? Can we still opt out of security defaults if they are enforced?

    You can use Per-user MFA (free), or enable Security Defaults (free), or Conditional Access (requires at least P1 licenses). Per-user MFA would be least disruptive free option since you could apply it only to your users that access admin portals. Conditional Access is best option, but isn't free.

    Please click Accept Answer and upvote if the above was helpful.

    Thanks.

    -TP


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.