cloudcoffee.ch

Freshly brewed with Microsoft Azure and Microsoft 365

Tag: Conditional Access

Are you looking for information about Azure AD Conditional Access? In this archive you will find all our posts about Azure AD Conditional Access.

Block Legacy Authentication with Azure AD Conditional Access

By

On 12. February 2022

In Microsoft 365, Microsoft Azure

Widely used legacy authentication protocols such as POP, SMTP, IMAP or MAPI are now a serious security vulnerability and thus very popular with attackers.

The numbers on legacy authentication from one analysis are stark:
(Source: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/new-tools-to-block-legacy-authentication-in-your-organization/ba-p/1225302#)

  • More than 99 percent of password spray attacks use legacy authentication protocols
  • More than 97 percent of credential stuffing attacks use legacy authentication
  • Azure AD accounts in organizations that have disabled legacy authentication experience 67 percent fewer compromises than those where legacy authentication is enabled

Read More

Multi-factor authentication method analysis

By

On 5. February 2022

In Microsoft 365, Microsoft Azure

For a security audit, it is necessary to check which multi-factor authentication method is enabled for each individual user in the Microsoft tenant.

The guide can also be used to make users aware of a multi-factor authentication method that may be more convenient for them than they currently have enabled.

The following are possible multi-factor authentication methods.:

  • Mobile App (Microsoft Authenticator)
  • Text message
  • Phone call

Read More

App Password for Multi-Factor Authentication

By

On 29. January 2022

In Microsoft 365

Apps that do not support two-step verification can cause problems after enabling multi-factor authentication (MFA). These apps, also called non-browser apps, can no longer be used after multi-factor authentication is enabled.

To continue to use these apps securely, an App Password can be used for authentication. An App Password is a secure, randomly generated password that can be used instead of the regular password for an app.

Read More

User guide: Enabling multi-factor authentication

By

On 9. January 2022

In Microsoft 365, Microsoft Azure

Enabling Multi-Factor Authentication (MFA) significantly increases the security of user accounts when accessing Microsoft Azure and Microsoft 365 online services. The following user guide will help to set up one of the following authentication methods.

Three variants are available to authenticate with the second factor:

  • Variant 1: Authentication via mobile app on smartphone (recommended)
  • Variant 2: Authentication via SMS
  • Variant 3: Authentication via phone call

Read More

Enforce Multi-Factor Authentication (MFA)

By

On 3. January 2022

In Microsoft 365, Microsoft Azure

Multi-Factor Authentication (MFA) provides a high level of protection for identities in the cloud. The user must identify himself with a second factor in addition to the password. Without this second factor, access to cloud apps are prevented.

The feature “Azure AD Conditional Access” can be used to enforce multi-factor authentication. At least two of the following authentication methods then become mandatory:

  • Something you know, typically a password
  • Something you have, such as a trusted device that’s not easily duplicated, like a phone or hardware key
  • Something you are – biometrics like a fingerprint or face scan

Read More

Powered by WordPress & Theme by Anders Norén