Blogs & News
New Microsoft MFA sign-in process requirements
8 February 2024
To help protect end users and organisations, Microsoft are making it a requirement for every user in an organisation to have MFA (Multi-Factor Authentication) enabled, when accessing any Microsoft Cloud portal or underlying service.
This blogs details all you need to know about the upcoming requirements that Microsoft are implementing.
Why are Microsoft making MFA a requirement?
Microsoft want to raise the baseline security of your Tenants and make it harder for hackers to access your account or device.
MFA adds an extra layer of protection against cyberattacks, such as phishing, password cracking, or credential theft.
For more information on MFA and the reasons why it is important, refer to our previous blog.
What will GCC be doing to help your organisation meet the new Microsoft MFA requirements?
If GCC support your IT infrastructure, GCC will be rolling out security defaults on all tenants that do not already have MFA or per-user MFA.
GCC will begin enabling MFA on all Tenants from the 11th March 2024.
Once GCC have implemented the security defaults, when users go to sign-in, users will see a prompt to set up the Microsoft Authenticator app.
Users should install the Microsoft Authenticator app on their mobile device and register their account.
NOTE: Once GCC have implemented the security defaults, every user in your organisation will have 14 days to register for MFA.
What happens if users do not set up Microsoft MFA?
If end users do not follow the prompt to set up Microsoft MFA, they will not be able to login to Microsoft 365 Cloud services. This will include being able to read emails, view files and use Microsoft Teams.
What is the Microsoft Authenticator app?
The Microsoft Authenticator app is a free app that you can download and install on your mobile device. It helps you sign into your online accounts more securely by using multi-factor authentication, passwordless, or password autofill.
- Multi-factor authentication means that you need to provide more than one way to prove your identity, such as a password and a code or a notification sent to your phone.
- Passwordless means that you can sign in without using a password, just by entering your username and approving a notification or using your fingerprint, face, or PIN.
- Password autofill means that the app can store and fill in your passwords for you, so you don’t have to remember them or type them.
The app also lets you manage your Microsoft personal, work or school accounts and sync your passwords across your devices. You can use the app with Microsoft services like Outlook, OneDrive, Office, and more, as well as with other online accounts that support authenticator apps, such as Facebook, Amazon, Dropbox, Google, LinkedIn, GitHub, and more.
GCC offer security packs to help protect organisations to help manage, monitor and protect your IT infrastructure & data.
You can find out what’s included in our security packs here.