Understanding Azure Multi-Factor Authentication
Azure Multi-Factor Authentication (MFA) is a hosted Azure service that can provide two-factor authentication to enterprise applications and services, minimizing the risks of users using poor passwords. Azure MFA is licensed using a subscription model: per user or per authentication. The service relies heavily on Azure AD (AAD), even if used on-premises. The number of applications that can take advantage of the service today are very limited but are likely to expand over the coming years.
Two-Factor Authentication—Where Available
In general, Azure MFA strengthens system security by requiring users to supply at least two of the following types of credentials:
- Something they know (a password or PIN)
- Something they have (a smart card, token card, or one-time code)
- Something they are (a unique biometric identifier, such as a fingerprint, iris scan, retinal scan, or voice print).
Azure MFA users are likely most familiar with the use of smart cards and, more recently, fingerprints as authentication alternatives to traditional passwords. Azure MFA does not yet support biometrics.
Atlas Members have full access
Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.
Membership OptionsAlready have an account? Login Now