Understanding Azure Multi-Factor Authentication
Azure Multi-Factor Authentication (MFA) is a hosted Azure service providing two-factor authentication to enterprise applications and services, minimizing security risks such as users selecting poor passwords. The service relies on Azure Active Directory (AAD), and the number of applications that can take advantage of the service is limited but expanding. However, the service may require configuration and testing and user retraining, and organizations will have to choose between several licensing models, including a feature-limited free tier that comes with Office 365.
Two-Factor Authentication Process
In general, Azure MFA strengthens system security by requiring users to supply at least two of the following credential types:
- Something the user knows (a password)
- Something the user has (a trusted device)
- Something the user is (a unique biometric identifier, such as a fingerprint, iris scan, retinal scan, or voice print).
Based on technology acquired from PhoneFactor in 2012, Azure MFA currently emphasizes the user’s password as the primary factor and a unique, time-sensitive code or verification prompt on a trusted device as another.
Atlas Members have full access
Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.
Membership OptionsAlready have an account? Login Now