If I had a nickel for every breach that started with a single compromised password, I’d have retired years ago. It’s the oldest trick in the book, and frankly, it still works because too many organizations refuse to implement the absolute simplest defense.
We’re talking about Multi-Factor Authentication (MFA) for all Azure AD/Entra ID users. Not just admins, not just privileged accounts. Every. Single. User. Microsoft themselves tell us MFA blocks 99.9% of automated account compromise attacks. If you’re not doing this, you’re leaving the front door wide open.
This isn’t rocket science. It’s basic cyber hygiene. Implement it via Conditional Access policies (they need an Entra ID P1 or P2 license; a tenant without one can at least switch on Security Defaults, which forces MFA registration for everyone). Exclude your break-glass accounts, roll the policy out in report-only mode first, then enable it. Get it done.
You can quickly check your Conditional Access policies with:
az rest --method get --url "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies"
The signed-in identity needs the Policy.Read.All Graph permission for this call. In the output, look for a policy whose state is "enabled" (not "enabledForReportingButNotEnforced" or "disabled"), whose users.includeUsers is ["All"], whose applications.includeApplications is ["All"], and whose grantControls.builtInControls contains "mfa". A policy that only targets admin roles, or that is still in report-only mode, does not count.
Prioritize this. Your organization’s security depends on it.
The fix
# Azure CLI — check Conditional Access policies
az rest --method get --url "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies"
# Create via Portal:
# Entra ID → Security → Conditional Access → New policy
# Users: All users (exclude break-glass accounts) | Target resources: All cloud apps | Grant: Require multifactor authentication
# Enable in report-only mode first, review the sign-in logs, then set the policy to On
Reference: CIS Azure Foundations Benchmark 1.1.1
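The same policy built as a Graph request body, plus a small audit over the output of the az rest call above, as an added example (not code from the original post or from Microsoft). The field names follow the Graph conditionalAccessPolicy resource; the break-glass account ID, the policy display names and the sample policy listing are constructed for illustration, and the az command is only assembled, not executed.

```python
"""Build the "MFA for all users" Conditional Access policy and audit a tenant's
policy listing for it.  Added example, not from the original post."""
import json

GRAPH_CA_URL = "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies"

# Assumed placeholder: object ID of an emergency-access account to exclude, so a
# broken MFA registration can never lock every admin out of the tenant.
BREAK_GLASS_USER_ID = "00000000-0000-0000-0000-000000000001"

# Body for POST GRAPH_CA_URL (needs Policy.ReadWrite.ConditionalAccess).
MFA_ALL_USERS_POLICY = {
    "displayName": "CA001 - Require MFA for all users",
    # Start in report-only, review sign-in logs, then change to "enabled".
    "state": "enabledForReportingButNotEnforced",
    "conditions": {
        "users": {"includeUsers": ["All"], "excludeUsers": [BREAK_GLASS_USER_ID]},
        "applications": {"includeApplications": ["All"]},
        "clientAppTypes": ["all"],
    },
    "grantControls": {"operator": "OR", "builtInControls": ["mfa"]},
}


def az_rest_create_command(policy: dict) -> list[str]:
    """argv that creates the policy with Azure CLI; returned, not run."""
    return ["az", "rest", "--method", "post", "--url", GRAPH_CA_URL,
            "--headers", "Content-Type=application/json",
            "--body", json.dumps(policy)]


def requires_mfa(policy: dict) -> bool:
    """True if the grant control demands MFA (legacy control or an auth strength)."""
    grant = policy.get("grantControls") or {}
    if "mfa" in (grant.get("builtInControls") or []):
        return True
    return bool(grant.get("authenticationStrength"))


def covers_all_users_and_apps(policy: dict) -> bool:
    """True only if the policy scopes to every user and every application."""
    cond = policy.get("conditions") or {}
    users = (cond.get("users") or {}).get("includeUsers") or []
    apps = (cond.get("applications") or {}).get("includeApplications") or []
    return "All" in users and "All" in apps


def audit_mfa_coverage(policies: list[dict]) -> dict:
    """Classify the 'value' array of GET GRAPH_CA_URL by how it enforces MFA."""
    result = {"enforcing": [], "report_only": [], "disabled": [], "partial": []}
    for p in policies:
        name = p.get("displayName", "<unnamed>")
        if not requires_mfa(p):
            continue                      # unrelated policy (e.g. block legacy auth)
        if not covers_all_users_and_apps(p):
            result["partial"].append(name)  # MFA, but only for a subset
            continue
        state = p.get("state")
        if state == "enabled":
            result["enforcing"].append(name)
        elif state == "enabledForReportingButNotEnforced":
            result["report_only"].append(name)
        else:
            result["disabled"].append(name)
    return result


# Constructed sample of what the GET call returns in a half-finished tenant.
SAMPLE_POLICIES = [
    {"displayName": "Admins MFA", "state": "enabled",
     "conditions": {"users": {"includeRoles": ["<admin-role-template-id>"]},
                    "applications": {"includeApplications": ["All"]}},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
    {"displayName": "Block legacy auth", "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"]},
                    "applications": {"includeApplications": ["All"]},
                    "clientAppTypes": ["exchangeActiveSync", "other"]},
     "grantControls": {"operator": "OR", "builtInControls": ["block"]}},
    {"displayName": "All users MFA (pilot)",
     "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": ["All"]},
                    "applications": {"includeApplications": ["All"]}},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
]

if __name__ == "__main__":
    print(json.dumps(audit_mfa_coverage(SAMPLE_POLICIES), indent=2))
    print(" ".join(az_rest_create_command(MFA_ALL_USERS_POLICY)))
```

Against the sample listing the audit reports no enforcing policy: the admin policy is partial and the all-users policy is still report-only, which is exactly the state many tenants sit in while believing they are covered. Feed it the real `value` array from the az rest call to get the same verdict for your tenant.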