ATTENTION
For the moment I'm assuming that no security action is needed in spite of the following email; but it does mention "In the future, Oracle will enforce this policy for all OCI tenancies."
here is text of email received from Oracle Cloud:
Oracle Cloud Infrastructure Customer
Security is a top priority for Oracle. To help improve the security posture of your Oracle Cloud Infrastructure (OCI) tenancy,
Oracle is taking steps that will require the use of multi-factor authentication (MFA) for all new tenancies. In the future, Oracle will enforce this policy for all OCI tenancies.
MFA helps reduce the risk of your tenancy being compromised by strengthening the authentication process. Along with your username and password, you will be challenged for a second factor of authentication. Oracle recommends using phishing-resistant MFA devices such as FIDO2 compliant security keys for all cloud administrators.
Immediate Recommended Action: Enable MFA for all Oracle Cloud administrators. To set up MFA using Oracle best practices, see the IAM MFA documentation:
https://docs.oracle.com/en-us/iaas/Content/Security/Reference/iam_security.htm#iam_mfa_best_practice
Action Recommended
Service(s): Oracle Cloud Infrastructure
Tenant Name: redacted
What should I do if I am still having an issue?
Click this link to view your available support options.
"
https://cloud.oracle.com/support/home"