Azure Multi-Factor Authentication protects access to data and applications while meeting user demands for a simple login process. Provides strong authentication through a variety of simple validation options (phone, SMS, mobile app notifications), allowing users to choose their preferred method.
Azure Multi-Factor Authentication protects your business with security monitoring and machine-learning-based reporting that identifies inconsistent login patterns. Real-time alerts inform IT departments of suspicious account credentials to mitigate potential threats.
Use the local Azure MFA server to protect VPNs, Microsoft Active Directory Federation Services, Microsoft IIS Web Applications, remote desktops, and other dial-up applications that use RADIUS and LDAP authentication. Enable multifactor authentication in Azure Active Directory and add additional validation steps to all cloud-based applications and services.
Azure MFA is a way to verify users who need to use something other than the username and password. Provides a second layer of security for user connections and transactions. Azure Multi-factor Authentication helps protect data and application access while meeting user demands for a simple login process. Provides strong authentication with a variety of simple verification options such as phone calls, text messages, mobile app notifications or verification codes, and third-party OAuth tokens.
The security of multifactor authentication lies in a layered approach. Compromising several authentication factors is a major challenge for attackers. Even if an attacker learns a user’s password, it does not help even if he does not have a trusted device. If a user loses a device, the user who finds it can not use the device unless they also know the password of the user. Azure MFA is available in three different versions.
Office 365 Multifactor Authentication
This version only works with Office 365 applications and is managed from the Office 365 portal. As a result, administrators can use multifactor authentication to protect Office 365 resources. This version comes with an Office 365 subscription.
Multifactor Authentication for Azure Administrators
The same subset of multifactor authentication features in Office 365 is available for free for all Azure administrators. All managed accounts in an Azure subscription can receive additional protection by enabling this basic multifactor authentication feature. As a result, administrators who access the Azure portal to create virtual machines, Web sites, and manage storage, mobile services, or other Azure services can add multifactor authentication to their administrator accounts. It is recommended that all Azure administrator accounts be configured for MFA.
Azure MFA is deployed by applying policies with conditional access. A conditional access policy may require a user to perform multifactor authentication if certain conditions are met.
- All users, specific users, group members, or assigned roles
• Specific cloud application being accessed
• Device platform
• Device status
• Network location or IP address geographically located
• Customer application
• Connection risk (requires identity protection)
• Supported devices
• Participating Azure AD hybrid devices
• Approved client applications