News & Events

During 2025 Microsoft is encouraging the use of two-factor authentication (2FA) for all users of their products and not just admins. This decision marks a significant shift in how users will access Microsoft services, reinforcing the company’s commitment to improving security.

What is 2FA and MFA?

2FA stands for Two-factor authentication is a widely used security process where users provide two different ways to verify themselves. Using 2FA means that users add another layer of security that makes it harder for hackers to gain access to their account. MFA stands for Microsoft Multi-Factor authentication and is a term used by Microsoft to describe it’s equivalent process to 2FA but with more than 2 means of authentication. With 2FA or MFA in place knowing someone’s password alone is not enough for access.

Why the Shift?

Microsoft’s decision comes from increase in cyberattacks and data breaches that have affected millions worldwide. Passwords have proven to be vulnerable as most are weak, have been used across multiple accounts or have been exposed from phishing attacks. 2FA/MFA does not eliminate the risk of hacking entirely, but it enhances security by combining something you know (your password) with something you have (a mobile device or security key).

Microsoft’s Roadmap to 2025

Microsoft plans a phased rollout of MFA, beginning with educational drives to inform users about the benefits and necessity of the additional security layer. Organizations currently using Microsoft services will receive resources and support to transition during the 2025. The approach is designed to be gradual to ensure minimal disruption while maintaining a high standard of security.

Impact on Users

For individual users, the transition to 2FA/MFA will require an adjustment period. There will be a need to adopt new habits, such as always having access to a mobile device or security key when logging in.

What do you need to do?

Adoption of Microsoft MFA will be a step forward for cybersecurity, and as we approach the 2025 deadline we will be working with our client base to provide educational tools for staff and are on hand to help users adopt this new process.