feat(docs): update mfa enforcement date for m365 (#8610)

2026-01-25 02:08:11 +00:00 · 2025-09-01 09:48:21 +02:00
parent 1259bb85e3
commit fdb76e7820
4 changed files with 6 additions and 6 deletions
--- a/docs/tutorials/microsoft365/authentication.md
+++ b/docs/tutorials/microsoft365/authentication.md
@@ -8,7 +8,7 @@ Prowler for Microsoft 365 (M365) supports the following authentication methods:
 - **Interactive browser authentication**

 ???+ warning
-    Prowler App supports the **Service Principal** authentication method and the **Service Principal with User Credentials** authentication method, but this last one will be deprecated in September once Microsoft will enforce MFA in all tenants not allowing User authentication without interactive method.
+    Prowler App supports the **Service Principal** authentication method and the **Service Principal with User Credentials** authentication method, but this last one will be deprecated in October once Microsoft will enforce MFA in all tenants not allowing User authentication without interactive method.

 ### Service Principal Authentication (Recommended)

@@ -109,7 +109,7 @@ When using service principal authentication, add the following **Application Per
    > If you do this you will need to add also the `Organization.Read.All` permission to the service principal application in order to authenticate.

 ???+ note
-    This is the **recommended authentication method** because it allows you to run the full M365 provider including PowerShell checks, providing complete coverage of all available security checks, same as the Service Principal Authentication + User Credentials Authentication but this last one will be deprecated in September once Microsoft will enforce MFA in all tenants not allowing User authentication without interactive method.
+    This is the **recommended authentication method** because it allows you to run the full M365 provider including PowerShell checks, providing complete coverage of all available security checks, same as the Service Principal Authentication + User Credentials Authentication but this last one will be deprecated in October once Microsoft will enforce MFA in all tenants not allowing User authentication without interactive method.


 ####  Service Principal + User Credentials Authentication (`--env-auth`)
--- a/docs/tutorials/microsoft365/getting-started-m365.md
+++ b/docs/tutorials/microsoft365/getting-started-m365.md
@@ -194,7 +194,7 @@ To grant the permissions for the PowerShell modules via application authenticati

 #### If using user authentication

-This method is not recommended because it requires a user with MFA enabled and Microsoft will not allow MFA capable users to authenticate programmatically after 1st September 2025. See [Microsoft documentation](https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mandatory-multifactor-authentication?tabs=dotnet) for more information.
+This method is not recommended because it requires a user with MFA enabled and Microsoft will not allow MFA capable users to authenticate programmatically after 1st October 2025. See [Microsoft documentation](https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mandatory-multifactor-authentication?tabs=dotnet) for more information.

 ???+ warning
    Remember that if the user is newly created, you need to sign in with that account first, as Microsoft will prompt you to change the password. If you don’t complete this step, user authentication will fail because Microsoft marks the initial password as expired.
--- a/prowler/providers/m365/lib/powershell/m365_powershell.py
+++ b/prowler/providers/m365/lib/powershell/m365_powershell.py
@@ -77,7 +77,7 @@ class M365PowerShell(PowerShellSession):
        Initialize PowerShell credential object for Microsoft 365 authentication.

        Supports three authentication methods:
-        1. User authentication (username/password) - Will be deprecated in September 2025
+        1. User authentication (username/password) - Will be deprecated in October 2025
        2. Application authentication (client_id/client_secret)
        3. Certificate authentication (certificate_content in base64/application_id)

@@ -115,7 +115,7 @@ class M365PowerShell(PowerShellSession):
            self.execute(f'$tenantID = "{sanitized_tenant_id}"')
            self.execute(f'$tenantDomain = "{credentials.tenant_domains[0]}"')

-        # User Auth (Will be deprecated in September 2025)
+        # User Auth (Will be deprecated in October 2025)
        elif credentials.user and credentials.passwd:
            credentials.encrypted_passwd = self.encrypt_password(credentials.passwd)

--- a/ui/components/providers/workflow/forms/via-credentials/m365-credentials-form.tsx
+++ b/ui/components/providers/workflow/forms/via-credentials/m365-credentials-form.tsx
@@ -69,7 +69,7 @@ export const M365CredentialsForm = ({
      <div className="flex items-center rounded-lg border border-system-warning bg-system-warning-medium p-2 text-sm dark:text-default-300">
        <InfoIcon className="mr-2 inline h-4 w-4 flex-shrink-0" />
        <p className="text-xs font-extrabold">
-          By September 2025, MFA will be mandatory.
+          By October 2025, MFA will be mandatory.
        </p>
      </div>
      <p className="text-sm text-default-500">