As just announced at the Microsoft Ignite 2019 Conference, Azure Multi Factor Authentication (Azure MFA) will now be enabled by default for all new Azure AD (and Office 365 or Dynamics as they rely on Azure AD) tenant and will be also free for existing customers with the Microsoft Authenticator app (available on Android https://play.google.com/store/apps/details?id=com.azure.authenticator and iOS https://apps.apple.com/app/microsoft-authenticator/id983156458)
This new default configuration will be roll out over the next few months on new tenants
Enabling and using Multi Factor Authentication reduces the risk of phishing and other identity-based attacks by 99.9 percent and is one of the steps to improve your security posture.
If you are already using Office 365, Dynamics or Azure AD, there has been no better moment to start deploying Azure MFA.
Hello
Does Azure MFA allow conditional Access to the MFA via ADFS to be activated? Or is an Azure AD Premium license still required?
Thank you for your answer!
This is a good question
The announcement did not mention anything specific but as you needed to have Azure MFA enabled (and registered) when used with conditional access with AD FS and as Microsoft is doing everything to get you away from AD FS I would expect this will be also free in this context
Probably check back with account manager to confirm
On a side related to AD FS, I would recommend you to implement conditional access at the Azure AD level (FYI you can stage your migration from AD FS to Azure AD authent – see https://t.co/JIKg1Sx0C4
Any reductions in the financial barriers towards users implementing MFA are to be welcome. Currently the cost of implementation is probably the principle hurdle holding back companies. It will be interesting to confirm what other restrictions have been lifted.