Multi-Factor Authentication

Today just a short article about multi-factor authentication, to get your attention on securing the login process of your (cloud) users.
Everybody knows it is very important to use a complex password to access (corporate) data. But even if your users are using complex passwords, passwords are still the weak link in IT security. The more complex the password is, the harder to forget the password and more likely to be written down or stored on a less secure place. Who has not seen Post-it notes on computer screens with several usernames and passwords for different websites?
Multi-factor authentication (MFA) provides a second method of authentication to gain access to your data. MFA adds a second layer of security at the user login process, it requires the user to provide a second (or even third) authentication method when signing in. These Authentication methods are:

Something you now (your password)
Something you have (your smartphone)
Something you are (bio metrics)

Microsoft offers multi-factor authentication from the cloud, as part of Office 365 or as a separate service called Azure Multi-factor Authentication. The basic features as part of both MFA services are the same; admin control over authentication methods, the admin can turn on/ off MFA for single users and several second authentication methods.

These are the second authentication methods Microsoft provides:

Call to phone
Text message (SMS) to phone
Notification through mobile app
Verification code from mobile app

As Office 365 administrator you can manage MFA from the Office 365 portal. Just choose your service settings like shown on the picture and enable MFA for your users to help them secure their Office 365 resources. Depending on the second verification method chosen, your users need to register a mobile app or phone number to start using MFA.

If you need extra features, besides the basic features, in your MFA deployment (or you don`t have Office 365) you may choose for Azure Multi-factor authentication (as a separate service or as part of Azure AD Premium or Enterprise Mobility + Security). Azure MFA expands the basic MFA features with features like:

Trusted IPs
MFA reports
MFA for on-premises applications
Fraud alert

Visit this site to see a feature comparison of the different Office 365 and Azure MFA versions.

Automatically wipe a Windows 10 device after a number of authentication failures

Issues with OneDrive sync client – Preview – UPDATED

Welcome to my blog!

Hide the “Turn on an ad privacy feature” pop-up in Chrome with Microsoft Intune

How to set Google as default search provider with Microsoft Intune

Using Windows Autopilot device preparation with Windows 365 Frontline shared cloud PCs

Using Visual Studio with Microsoft Endpoint Privilege Management, some notes

most popular

Application installation issues; Download pending

Restrict which users can logon into a Windows 10 device with Microsoft Intune

How to change the Windows 11 language with Intune

Update Microsoft Edge during Windows Autopilot enrollments

Multi-Factor Authentication

Related Posts