Microsoft forces Azure users to enable MFA starting October 2025
Phase 2 of Microsoft’s multi-factor authentication (MFA) enforcement will begin on October 1st, 2025. From then on, users will be required to authenticate with MFA before they can perform resource management operations on Azure.

Image by Cybernews.
Phase 2 of Microsoft’s multi-factor authentication (MFA) enforcement will begin on October 1st, 2025. From then on, users will be required to authenticate with MFA before they can perform resource management operations on Azure.
According to Microsoft, research shows that multi-factor authentication can block more than 99.2 percent of all account compromise attacks, making it one of the most effective security measures against threat actors.
For that reason, in August 2024, Microsoft announced mandatory MFA implementation for Azure Public Cloud sign-ins. The goal is to better protect customers against account takeovers, data breaches, and other cyber threats.
Microsoft didn’t force administrators to immediately implement MFA to protect their Azure accounts. Instead, the MFA requirement was enforced gradually. During phase 1, which was announced last year, MFA enforcement was implemented on Azure Portal, Microsoft Entra admin center, and Intune admin center sign-ins. As of March 2025, MFA enforcement for Azure Portal sign-ins was rolled out for all Azure tenants.
Phase 2 will start on October 1st, 2025. By then, Azure management via alternative channels, including Azure Command-Line (CLI), Azure PowerShell, Azure Mobile App, REST APIs, Azure Software Development Kit (SDK) client libraries, and Infrastructure as Code (IaC), will also require MFA implementation.
The second phase will also be a gradual process, although Microsoft hasn’t specified how often it will enforce MFA implementation.
Microsoft will start emailing administrators this week. They can then ensure that all software is updated to the correct versions, such as Azure CLI version 2.76 and Azure PowerShell version 14.3 or later.