Microsoft 365 admin center multifactor authentication enforcement

Plan for Change
Major Change

Message ID

MC1215070
View in Admin Center

Services

Microsoft 365 suite

Summary

Starting February 9, 2026, Microsoft will enforce mandatory multi-factor authentication (MFA) for all users signing into the Microsoft 365 admin center to enhance security. Admins should set up MFA now to avoid access issues; users must verify or add their MFA methods.

Details

If you have already set up multi-factor authentication, thank you. No further action is needed at this time. If you have not, please read on.

As part of our ongoing commitment to advancing cybersecurity across our company and products, last year, starting February 2025, Microsoft began requiring all users to use multi-factor authentication (MFA) when signing into the Microsoft 365 admin center. Starting February 9th 2026, Microsoft will continue to ramp up enforcement, and users will be unable to sign in to the Microsoft 365 admin center without successfully completing MFA.

Implementing MFA in the Microsoft 365 admin center significantly reduces the risk of account compromise, prevents unauthorized access, and safeguards sensitive data. By adding an extra layer of protection beyond standard username and password authentication, MFA makes it harder for attackers to steal data and prevents unauthorized access from phishing, credential stuffing, brute force, or password reuse attacks.

Take action now

Global admins: To set up MFA in your organization now, visit the MFA setup guide at aka.ms/MFAWizard or refer to Set up multifactor authentication for Microsoft 365

Users accessing the Microsoft 365 admin center: Check your verification methods and add one if needed by going to aka.ms/mfasetup.

How this will affect your organization

MFA will need to be enabled for your tenant to ensure admins are able to sign-in to the Microsoft 365 admin center. Note that the following Microsoft 365 admin center URLs are impacted by this change:

  • https://portal.office.com/adminportal/home
  • https://admin.cloud.microsoft
  • https://admin.microsoft.com

What to do to prepare

  • If you have not already, set up MFA as soon as possible to avoid sign-in issues once mandatory MFA enforcement is rolled out to your organization.
  • If you have already set up MFA, no action is required. It is recommended that you verify that all users accessing the Microsoft 365 admin center have added a verification method to their account (such as a Microsoft Authenticator).
  • Global admins: To set up MFA in your organization now, visit the MFA setup guide at aka.ms/MFAWizard or refer to Set up multifactor authentication for Microsoft 365.
  • Users accessing the Microsoft 365 admin center: Check your verification methods and add one if needed by going to aka.ms/mfasetup.

For more information, refer to the FAQs in the blog post here.

Additional info URL (i.e., link to relevant support doc):

https://aka.ms/mfasetup

Multifactor authentication for Microsoft 365 - Microsoft 365 admin | Microsoft Learn

Set up multifactor authentication for users - Microsoft 365 admin | Microsoft Learn