Microsoft 365 admin center multifactor authentication enforcement

Implementing multi-factor authentication (MFA) in the Microsoft 365 admin center significantly reduces the risk of account compromise, prevents unauthorized access, and safeguards sensitive data. By adding an extra layer of protection beyond standard username and password authentication, MFA makes it harder for attackers to steal data and prevents unauthorized access from phishing, credential stuffing, brute force, or password reuse attacks. As part of our ongoing commitment to advancing cybersecurity across our company and products, starting February 3rd, 2025, Microsoft will begin requiring all users to use MFA when signing into the Microsoft 365 admin center. This requirement will be rolled out in phases at the tenant level over the coming weeks.

Take action now:

Global admins: To set up MFA in your organization now, visit the MFA setup guide at aka.ms/MFAWizard or refer to Set up multifactor authentication for Microsoft 365.
Users accessing the Microsoft 365 admin center: Check your verification methods and add one if needed by going to aka.ms/mfasetup.

How this will affect your organization:

MFA will need to be enabled for your tenant to ensure admins are able to sign-in to the Microsoft 365 admin center.

What you can do to prepare:

If you have not already, set up MFA by February 3rd, 2025
If you have already set up MFA, no action is required. It is recommended that you verify that all users accessing the Microsoft 365 admin center have added a verification method to their account.
Global admins: To set up MFA in your organization now, visit the MFA setup guide at aka.ms/MFAWizard or refer to Set up multifactor authentication for Microsoft 365.
Users accessing the Microsoft 365 admin center: Check your verification methods and add one if needed by going to aka.ms/mfasetup.
If you will not be ready for the MFA requirement before February 3rd, 2025, you can apply to postpone the enforcement date. Note that postponement of the MFA enforcement for Azure portal will also apply postponement for the Microsoft 365 admin center.

M	T	W	T	F	S	S
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30

Cookie	Duration	Description
__gads	1 year 24 days	The __gads cookie, set by Google, is stored under DoubleClick domain and tracks the number of times users see an advert, measures the success of the campaign and calculates its revenue. This cookie can only be read from the domain they are set on and will not track any data while browsing through other sites.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
_clck	1 year	No description
_clsk	1 day	No description
ApplicationGatewayAffinityCORS	session	No description available.
CLID	1 year	No description
GoogleAdServingTest	session	No description
LiSESSIONID	session	No description available.
LithiumUserInfo	past	No description
LithiumUserSecure	past	No description
LithiumVisitor	1 year	No description available.
original_req_url	past	No description
SM	session	No description available.
SRM_B	1 year 24 days	No description available.

Microsoft 365 admin center multifactor authentication enforcement

Microsoft 365 admin center multifactor authentication enforcement

No Comments

Add your comment Cancel reply

Thibault CHÂTIRON

Follow Blog via Email

Recent Posts

Categories

Archives