Follows AWS and Snowflake in enforcing stronger authentication measures.
Microsoft is to mandate multi-factor authentication (MFA) for all Azure accounts.
According to media reports, users will be able to select MFA options through Microsoft Entra, including:
- Using a mobile app for biometric logins or one-time passcodes though Microsoft Authenticator
- FIDO2 keys
- Certificate-based authentication
- MFA using personal identity verification and common access card
- Passkeys using Microsoft Authenticator
- SMS or voice approval
The requirement for MFA use applies to all users who perform any Create, Read, Update, Delete (CRUD) operation. Users who are accessing apps, websites or services hosted on Azure, but not signing into the Azure portal,
Microsoft follows the likes of Snowflake and AWS in enforcing stronger authentication measures in recent months.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
