Security at your organization - Multifactor authentication (MFA) statistics
Our Identity security team works hard every day and blocks millions of attacks. Unfortunately, despite our best efforts, some attacks still manage to get through. When an account is compromised, attackers can gain access to sensitive information and cause real harm. However, many of these attacks could be prevented by implementing good security practices, such as using multifactor authentication (MFA) at sign in and requiring modern authentication protocols that are phishing-proof. We've found that more than 99.9% of compromised accounts don't have MFA, leaving them vulnerable to password spray, phishing, and password reuse. To help you understand better how well your tenant is secured and where action needs to be taken, we've created an MFA reporting page. This page provides valuable insights that will help you take timely action to enable MFA for all your users, ensuring that your environment is as secure as possible.
How do I visit this page?
See MFA Statistics.
Note
You can also select the More insights link in the Insights column of the Security Requirements page in Partner Center.
Security at your organization
The Security at your organization page shows the following details:
- MFA Status: The status illustrates if your tenant is MFA protected (Complete) or not protected (Incomplete). A user with Tenant Administrator role in Microsoft Entra ID can act on enabling MFA by selecting Require MFA for all administrator logins.
- Admins with MFA enabled: Provides how many admins in a tenant have MFA enabled out of the total number of admins in the tenant.
- All users with MFA enabled: Provides how many users in a tenant have MFA enabled out of all users in the tenant, including admin users.
- Points Achieved: The statistics provides you how many points your tenant has achieved for the requirement Require MFA for Admin roles towards your overall Security Score. This information can also be viewed in the Security Requirements page.
MFA details
- Admins MFA Registration
- The chart displays the subset of Admins who are covered by a policy but haven't registered their device for MFA, subset of Admins with MFA Enabled, admins without MFA enabled.
- All users with MFA Registration:
- The chart displays the subset of Users who are covered by a policy but haven't registered their device for MFA, subset of Users with MFA Enabled, users without MFA enabled.
MFA policy details
This section showcases if your tenant is protected by any of the below MFA policies accompanied by an Enabled or Disabled.
- With Security Defaults (recommended)
- With Conditional Access policies
- With Legacy Per-User MFA (That is, for each individual user account) (not recommended)
To learn more details about the policies, policy coverage and how to enable them, see Multifactor authentication for Microsoft 365.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for