Microsoft 365 admin center MFA enforcement
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Microsoft will enforce multi-factor authentication (MFA) for Microsoft 365 admin center sign-ins starting February 9, 2026, blocking administrators who have not enabled MFA. The policy applies to portal.office.com/adminportal/home, admin.cloud.microsoft, and admin.microsoft.com. Microsoft says the change will reduce account compromise risk and help stop phishing and credential stuffing attacks. Organizations that miss the deadline may face access disruptions to administration and management functions.
Related Happenings
Microsoft Teams admin policy adds approval-based control for third-party bots
Security Tool/Service
H score11
First: 30.06.2026 13:52
Last: 30.06.2026 13:52
Sources 1
About this happening:
Microsoft Teams introduced an **admin policy** that lets organizers prevent **third-party bots** from joining meetings without approval. The control improves **visibility** over e...
Microsoft Teams admin policy adds approval-based control for third-party bots
Security Tool/ServiceAbout this happening: Microsoft Teams introduced an **admin policy** that lets organizers prevent **third-party bots** from joining meetings without approval. The control improves **visibility** over e...
Microsoft Teams third-party bot approval controls for meeting social-engineering risk
Defensive Guidance
H score11
First: 30.06.2026 13:52
Last: 30.06.2026 13:52
Sources 1
About this happening:
**Microsoft Teams** has added admin controls that block **third-party bots** without approval, reducing **meeting social-engineering risk** across managed tenants. The policy impr...
Microsoft Teams third-party bot approval controls for meeting social-engineering risk
Defensive GuidanceAbout this happening: **Microsoft Teams** has added admin controls that block **third-party bots** without approval, reducing **meeting social-engineering risk** across managed tenants. The policy impr...
Microsoft My Sign-Ins MFA outage
Service Disruption
H score25
First: 01.06.2026 14:40
Last: 01.06.2026 14:40
Sources 1
About this happening:
**Microsoft** is dealing with an **ongoing outage** that is blocking some users from setting up **multi-factor authentication (MFA)** and accessing **My Sign-Ins**. Affected users...
Microsoft My Sign-Ins MFA outage
Service DisruptionAbout this happening: **Microsoft** is dealing with an **ongoing outage** that is blocking some users from setting up **multi-factor authentication (MFA)** and accessing **My Sign-Ins**. Affected users...
Azure Backup for AKS Trusted Access permission tightening
Security Patch Release
H score8
First: 16.05.2026 23:55
Last: 16.05.2026 23:55
Sources 1
About this happening:
**Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...
Azure Backup for AKS Trusted Access permission tightening
Security Patch ReleaseAbout this happening: **Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...
KongTuke Microsoft Teams initial access campaign
Campaign
H score42
First: 14.05.2026 15:12
Last: 14.05.2026 15:12
Sources 1
About this happening:
The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...
KongTuke Microsoft Teams initial access campaign
CampaignAbout this happening: The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...
Timeline
-
08.01.2026 14:10 2 articles · 6mo ago
Microsoft announces MFA enforcement for Microsoft 365 admin center
Initial DisclosureMicrosoft announced that it will enforce multi-factor authentication (MFA) for all Microsoft 365 admin center sign-ins starting February 9, 2026, blocking administrators without MFA from portal.office.com/adminportal/home, admin.cloud.microsoft, and admin.microsoft.com. Microsoft said the change is meant to reduce account compromise risk and prevent unauthorized access to Microsoft 365 administrative functions.
Show sources
- Microsoft to enforce MFA for Microsoft 365 admin center sign-ins — www.bleepingcomputer.com — 08.01.2026 14:10
- Microsoft to enforce MFA for Microsoft 365 admin center sign-ins — www.bleepingcomputer.com — 08.01.2026 14:10
-
08.01.2026 14:10 1 articles · 6mo ago
MFA enforcement goes live for Microsoft 365 admin center
Mitigation Patch UpdateMicrosoft begins enforcing MFA for Microsoft 365 admin center sign-ins on February 9, 2026, requiring MFA for all users and blocking sign-ins without MFA on portal.office.com/adminportal/home, admin.cloud.microsoft, and admin.microsoft.com. Organizations that have not enabled MFA before the deadline face access disruptions to Microsoft 365 administrative access.
Show sources
- Microsoft to enforce MFA for Microsoft 365 admin center sign-ins — www.bleepingcomputer.com — 08.01.2026 14:10