Multi-Factor Authentication
Are you looking for information about Multi-Factor Authentication in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about Multi-Factor Authentication.
-
Secure Device Registration in Microsoft Entra and Microsoft Intune
By default, users can register devices in Microsoft Entra ID. Each device is represented as an object in Microsoft Entra ID and can be used for authentication and access. Once a user account is compromised, attackers can register their own devices and establish persistent access. Device registration is a security-critical process and must be secured. It is essential to define who is allowed to register devices, under which conditions registration is permitted, and which device types are accepted. Microsoft Entra ID and Microsoft Intune provide multiple control mechanisms that can be combined to enforce these requirements. Only when device registration is properly controlled can device compliance and Microsoft Entra Conditional…
-
Protect Security Info Registration with Microsoft Entra Conditional Access and Microsoft Entra ID Protection
Registration of security information such as the Microsoft Authenticator app, FIDO2 security keys or OATH tokens is a critical component of modern identity security. To protect this sensitive process, Microsoft Entra Conditional Access is used in combination with Microsoft Entra ID Protection. If a user risk or sign-in risk is detected, the Conditional Access policy prevents registration under untrusted conditions. This ensures that security-relevant information is only registered in trusted scenarios. If registration takes place under untrusted conditions, there is a risk that an attacker may register alternative authentication methods. This could allow continued access to a compromised account even after the password has been changed. To mitigate this risk,…
-
Enhancing Security with Microsoft Entra Protected Actions and Conditional Access
Microsoft Entra Protected Actions safeguard highly sensitive administrative operations in Microsoft Entra by requiring an additional layer of authentication. When a user attempts to perform such an action, they must first meet the defined policies. For example, specific actions can be restricted to devices that are either Microsoft Entra Joined or Microsoft Entra Hybrid Joined, or may require phishing-resistant multi-factor authentication prior to execution.
-
Microsoft Entra ID: QR Code Sign-In
Microsoft Entra offers an innovative solution for fast and secure access: sign-in with QR code. This method simplifies the sign-in process while ensuring a high level of security. QR code sign-ins are ideal for employees in industries such as hospitality, production, logistics or healthcare who have to sign in to different devices several times a day.
-
Microsoft Entra ID Protection: Protect Identities, Detect Risks and Mitigate Threats
Protecting our identity is crucial. The threats we face online are becoming increasingly sophisticated and refined, making the security of our identity a central challenge. Microsoft Entra ID Protection offers a robust solution to address these challenges.