Enforce

Are you looking for information about force configurations in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about force configuration.

  • Microsoft 365,  Microsoft Azure

    Microsoft Authenticator App: Improve security with number matching

    The use of multi-factor authentication is considered one of the most secure methods to protect an account and is therefore recommended by pretty much every provider by now. Due to this fact, the user receives many multi-factor authentication requests every day, which are probably no longer considered carefully and are approved out of habit.Microsoft introduces number matching, a method that can prevent blind approval of the request. For existing users with the Microsoft Authenticator App, number matching will be enabled by default on February 27, 2023.The following tutorial will immediately enable number matching and therefore increase login security.

  • Microsoft Azure

    Microsoft Entra: Roll Over Kerberos Decryption Key

    With Seamless Single Sign-On (Seamless SSO), users can leverage the same credentials for both on-premises and cloud-based services. Repeated authentication prompts between these environments are eliminated, as authentication data is automatically exchanged between Active Directory and Microsoft Entra. As part of the Seamless SSO configuration, a computer account named AZUREADSSOACC is created in the on-premises Active Directory. For security reasons, Microsoft recommends rotating the associated Kerberos decryption key every 30 days.

  • Microsoft Azure

    Azure AD Connect: Enforcing TLS 1.2

    Azure AD Connect no longer supports the following protocols because they are considered insecure. the following services may be affected by the deactivation of the protocols: With TLS 1.2, Azure AD Connect remains executable.

  • Microsoft 365,  Microsoft Azure

    Enforce Multi-Factor Authentication (MFA)

    Multi-Factor Authentication (MFA) provides a high level of protection for identities in the cloud. The user must identify himself with a second factor in addition to the password. Without this second factor, access to cloud apps are prevented. The feature “Azure AD Conditional Access” can be used to enforce multi-factor authentication. At least two of the following authentication methods then become mandatory: