Microsoft has announced that it will begin fully enforcing multi-factor authentication for everyone who accesses the Microsoft 365 admin center starting next month.
From February 9, 2026, users who do not have MFA enabled will be blocked from signing in to the Microsoft 365 administrative portal.
Although Microsoft started rolling out MFA requirements for the admin center in February 2025, the company is now moving to full enforcement. Once the change takes effect, all users must use MFA to access the admin portals used to manage Microsoft 365 accounts and services. This includes commonly used admin center URLs such as portal.office.com/adminportal/home, admin.cloud.microsoft, and admin.microsoft.com.
Microsoft says this move is necessary to strengthen security and protect sensitive business data. Passwords alone are no longer enough to stop modern cyberattacks, and MFA adds an extra layer of protection by requiring a second verification step. This makes it much harder for attackers to gain access, even if a password is stolen.
According to Microsoft, MFA helps prevent unauthorized access caused by phishing, password reuse, credential stuffing, and brute-force attacks. The company stressed that enforcing MFA significantly lowers the risk of account compromise and keeps administrative access more secure.
Microsoft is urging IT administrators to act now to avoid disruptions. Organizations that do not enable MFA before the February deadline may face sign-in failures, which could interrupt daily IT operations and administrative tasks. Global administrators can set up MFA using Microsoft’s setup wizard or by following the official configuration guides. Individual users can review and add verification methods through Microsoft’s MFA setup portal.
This change follows Microsoft’s broader push to secure its platforms. The company has already enforced MFA for Azure Portal sign-ins across all tenants since March 2025. It also expanded MFA enforcement to Azure CLI, PowerShell, SDKs, and APIs in October 2025 to further protect accounts from attacks.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Microsoft has repeatedly pointed to strong data supporting MFA adoption. A company study published in November 2023 found that nearly all MFA-protected accounts were able to block hacking attempts successfully. The study also showed that MFA reduced the risk of account compromise by more than 98 percent, even when login credentials were exposed.
