Comments on: Mandatory MFA Requirement for Access to Azure Sites and Tools https://office365itpros.com/2024/08/19/azure-mfa-requirement/?utm_source=rss&utm_medium=rss&utm_campaign=azure-mfa-requirement Mastering Office 365 and Microsoft 365 Mon, 19 Aug 2024 08:40:36 +0000 hourly 1 By: Tony Redmond https://office365itpros.com/2024/08/19/azure-mfa-requirement/#comment-12703 Mon, 19 Aug 2024 08:40:36 +0000 https://office365itpros.com/?p=66039#comment-12703 In reply to Paul Cooper.

It does. You can continue to have a break glass account that is excluded from MFA and doesn’t use MFA, but if a problem happens that account will not be able to satisfy the requirement to undergo an MFA challenge to access Azure administrative tools. For instance, the account could access the Microsoft 365 admin center but not the Entra admin center. To make sure that the break glass account can access everything, it must be able to satisfy MFA. The recommended approach is to use a strong authentication method like a FIDO2 key.

]]> By: Paul Cooper https://office365itpros.com/2024/08/19/azure-mfa-requirement/#comment-12702 Mon, 19 Aug 2024 08:04:06 +0000 https://office365itpros.com/?p=66039#comment-12702 So this overturns the previous advice of having a breakglass account exluded from all conditional access policies including MFA, which has a very long password printed out and kept in a safe (possibly half in one safe and the other half in another)

]]>