Multi-Factor Authentication

Are you looking for information about Multi-Factor Authentication in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about Multi-Factor Authentication.

  • Microsoft 365

    Secure Device Registration in Microsoft Entra and Microsoft Intune

    By default, users can register devices in Microsoft Entra ID. Each device is represented as an object in Microsoft Entra ID and can be used for authentication and access. Once a user account is compromised, attackers can register their own devices and establish persistent access. Device registration is a security-critical process and must be secured. It is essential to define who is allowed to register devices, under which conditions registration is permitted, and which device types are accepted. Microsoft Entra ID and Microsoft Intune provide multiple control mechanisms that can be combined to enforce these requirements. Only when device registration is properly controlled can device compliance and Microsoft Entra Conditional…

  • Microsoft 365,  Microsoft Azure

    Protect Security Info Registration with Microsoft Entra Conditional Access and Microsoft Entra ID Protection

    Registration of security information such as the Microsoft Authenticator app, FIDO2 security keys or OATH tokens is a critical component of modern identity security. To protect this sensitive process, Microsoft Entra Conditional Access is used in combination with Microsoft Entra ID Protection. If a user risk or sign-in risk is detected, the Conditional Access policy prevents registration under untrusted conditions. This ensures that security-relevant information is only registered in trusted scenarios. If registration takes place under untrusted conditions, there is a risk that an attacker may register alternative authentication methods. This could allow continued access to a compromised account even after the password has been changed. To mitigate this risk,…

  • Microsoft Azure

    Enhancing Security with Microsoft Entra Protected Actions and Conditional Access

    Microsoft Entra Protected Actions safeguard highly sensitive administrative operations in Microsoft Entra by requiring an additional layer of authentication. When a user attempts to perform such an action, they must first meet the defined policies. For example, specific actions can be restricted to devices that are either Microsoft Entra Joined or Microsoft Entra Hybrid Joined, or may require phishing-resistant multi-factor authentication prior to execution.

  • Microsoft 365,  Microsoft Azure

    Microsoft Entra ID: QR Code Sign-In

    Microsoft Entra offers an innovative solution for fast and secure access: sign-in with QR code. This method simplifies the sign-in process while ensuring a high level of security. QR code sign-ins are ideal for employees in industries such as hospitality, production, logistics or healthcare who have to sign in to different devices several times a day.