How to Enable Multi-Factor Authentication (MFA) Office 365 with Powershell ?

You can use Microsoft’s free Multi-Factor Authentication (MFA) application to further increase the security of your Office 365 users in your organization.
Of course, for this, your organization must have minimum Azure AD, Microsoft 365 and Microsoft 365 license types.

For more, you can visit the addresses below;

Secure user sign-in events with Azure AD Multi-Factor Authentication
Set up multifactor authentication for Microsoft 365
Multifactor authentication for Microsoft 365
Features and licenses for Azure AD Multi-Factor Authentication

If you want to enable MFA for all or some of your users in your organization, you can follow the steps below;
Method 1: You can access the MFA area via the console and take action for users.
Login to Office 365 Admin Center –> Active Users –> Multi-factor authentication


Method 2: You can do it using Connect-MsolService cmdlet powershell commands.
You can use three different methods, “EnablePerUserMFA”, “BulkImportEnable” and “EnableAllUserMFA”.

#ConnectMsolService Connect-Msolservice #EnablePerUserMFA $user = "alias@domainname"
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = "Enabled"
$sta = @($st) Set-MsolUser -UserPrincipalName $user -StrongAuthenticationRequirements $sta

If you want to enable MFA for more than one user or certain departments;
First we organize your users in csv file type

#BulkImportEnable $users = Import-Csv "C:\Temp\MFAEnable.csv" foreach ($user in $users) { $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement $st.RelyingParty = "*" $st.State = "Enabled" $sta = @($st) Set-MsolUser -UserPrincipalName $user.UserPrincipalName -StrongAuthenticationRequirements $sta } Write-Host "Script is Running.." Read-Host -Prompt "Script is Completed, Press Enter to Exit."
#EnableAllUserMFA $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement $st.RelyingParty = "*" $st.State = "Enabled" $sta = @($st) Get-MsolUser -All | Set-MsolUser-StrongAuthenticationRequirements $sta

Have a nice day !

How to your organization mitigate the risk of a Pass-the-Hash (PtH) attack?

This mitigation strategies that you can use in your organization to help prevent both lateral movement and privilege escalation by decreasing the impact of credential theft.

Lateral Movement: In this activity, the attacker uses the credentials obtained from a compromised computer to gain access to another computer of the same value to the organization.

Privilege Escalation: In this activity, the attacker uses the credentials obtained from a compromised computer to gain access to another computer of a higher value to the organization.

These mitigations are effective, practical, and broadly applicable to different domain configurations.

These mitigations are defense-in-depth measures designed to ensure that your environment is protected even if these measures fail.

MitigationEffectivenessEffort RequiredPrivilege EscalationLateral Movement
Restrict and protect local accounts with Administrative PrivilegesExcellentMedium
Restrict and protect local accounts with Administrative PrivilegesExcellentLow
Restrict inbound traffic using the Windows FirewallExcellentMedium
More RecommendationsEffectivenessEffort RequiredPrivilege EscalationLateral Movement
Remove standard users from the local Administrators GroupExcellentHigh
Limit the number and use of privileged Domain AccountsGoodMedium
Configure outbound proxies to deny internet to Privileged AccountsGoodLow
Ensure Administrative Accounts don’t have email accountsGoodLow
Use remote management tools that don’t place reusable credentials on a remote computers memoryGoodMedium
Avoid logons to less secure computers that are potentially compromisedGoodLow
Update applications and operating systemsPartialMedium
Secure and manage Domain ControllersPartialMedium
Remove LM hashesPartialLow
Other MitigationEffectivenessEffort RequiredPrivilege EscalationLateral Movement
Disable the NTLM ProtocolMinimalHigh
Smart cards and multifactor authentication (MFA)MinimalHigh
Jump serversMinimalHigh
Rebooting workstations and serversMinimalLow

Have a nice day!