Research indicates that Multifactor Authentication (MFA) can block more than 99% of account attacks. For this reason, in Q4 of 2024, Microsoft began requiring MFA for all their cloud services, including Azure, Entra Admin Center, and Intune Admin Center
On February 3, 2025, Microsoft began requiring MFA for the M365 Admin Center and requested that all M365 user accounts have MFA implemented by September 2025.
What Do You Need To Know:
- In February 2025, Microsoft began moving M365 MFA to a new platform. This move includes policy changes. The changes are largely invisible to the end users, but we have seen some anomalies that result in the authenticator generated code not working. When this happens, the end user will need to choose a new MFA method.
- There are multiple methods to receive an authentication code for MFA. These include authenticator applications, text messages, and phone calls. You should choose the method that works best for the end user.
What You Need to Do:
- Start planning on implementing MFA for all end users now by talking about which method will work best for your end users’ MFA code generation.
What DCR Is Doing:
- We will proactively implement MFA for all global administrator accounts for companies that were our clients prior to Q4 2024.
- At that time, we also removed global administrator rights from user accounts that did not need that level of access.
- In March 2025, we will convert our own M365 MFA to the new platform.
- In April 2025, we will begin contacting our clients to discuss your MFA implementation or migration. We will assist you, as needed, with ensuring your M365 MFA meets recommended security standards.
Our engineering team looks forward to working with you. Please do not hesitate to contact us with questions or concerns.