Conditional Access
Are you looking for information about Azure AD Conditional Access? In this archive you will find all our posts about Azure AD Conditional Access.
-
Enhance Token Security with Microsoft Entra and Microsoft Intune
When an attacker steals a user’s token after a successful login, they gain the ability to impersonate the user and access protected resources without requiring a re-login. This method is becoming more commonly used to bypass security measures like Multi-Factor Authentication (MFA).
-
Microsoft Entra ID Protection: Protect Identities, Detect Risks and Mitigate Threats
Protecting our identity is crucial. The threats we face online are becoming increasingly sophisticated and refined, making the security of our identity a central challenge. Microsoft Entra ID Protection offers a robust solution to address these challenges.
-
Microsoft Entra ID: Revoke User Access in an Emergency
At a time when digital security is becoming increasingly important, managing user access is a crucial factor in protecting sensitive data and resources. Microsoft Entra provides companies with powerful tools to control and monitor access to critical information and systems. Especially in critical situations, such as compromised user accounts or employee departures, it is essential to quickly and securely revoke access to minimize potential security risks.
-
Switch from per-user MFA to MFA with Microsoft Entra Conditional Access
Setting up Multi-Factor Authentication (MFA) per user significantly enhances the security of a Microsoft tenant and is now the standard practice for every administrator. With per-user MFA, a Multi-Factor Authentication is required from the user during each sign-in. However, this can lead to frustration among legitimate users whose workflows are disrupted by frequent MFA prompts. To achieve a better user experience while balancing security and usability, it is recommended to switch to MFA (Multi-Factor Authentication) using Microsoft Entra Conditional Access.
-
Microsoft Entra Conditional Access: Block Authentication Flows
The Microsoft Entra Conditional Access for authentication flows regulates the use of the device code flow and authentication transfer. The device code flow is used to authenticate devices that do not have a browser or whose input is restricted, such as smart TVs, IoT devices, or printers. The device code flow represents a high-risk authentication flow, which could be exploited in phishing attacks or to gain access to corporate resources on unmanaged devices. The authentication transfer is a new flow that provides a seamless way to transfer the authenticated state from one device to another. In the desktop version of Outlook, users might be presented with a QR code. When…