Require MFA for administrative roles Doesn't finish

Occasional Visitor

Hey Guys,

Thank you in advance for taking a look at my case.


I've gotten the project to upgrade the security at our company, therefor have I started to implement MFA. The company has 200~ users world-wide, so that isn't done within a day. Therefor have I started to enforce MFA for the administrators. Unfortunately do I not get all the points for it? So when I took a second look at it I saw that we have 6 out of 10 administrator users that have MFA enforced, well all our IT guys have MFA enforced 3 weeks ago so that isn't it. So with an powershell script did I output all the administrators and came across these accounts for the sync, are these the accounts I have been looking for? And how do I use MFA on sync accounts? With app passwords?

Pleas let me know what the most secure way to do is.

Really appreciated

1 Reply
best response confirmed by Security_specialist (Occasional Visitor)

Those look like the service principal objects for the corresponding service, you cannot enforce MFA there. But I wouldnt worry about the secure score too much, it has been known to "lag" or even show incorrect data at times.