Book Image

Microsoft Azure Security

Book Image

Microsoft Azure Security

Overview of this book

Table of Contents (12 chapters)

Advanced authentication


In this section, we will see two advanced scenarios used to authenticate against Azure services. The first is the Multi-Factor Authentication, which is useful to secure the directory users' accounts with a two-step verification; the second are Management Certificates, used to establish a secure channel between two parties and operate as administrators against a given subscription.

Multi-Factor Authentication

Azure AD has built-in features to enable Multi-Factor Authentication for its users. As for the two-step verification of the Microsoft account (discussed earlier in the chapter) Multi-Factor Authentication involves more than just one factor, combining:

  • What we know: This refers to valid credentials

  • What we have: This refers to a device, for example

In Azure AD, we have these options:

  • Authentication apps for mobile phones, available for Windows Phone, Android, and iOS. With the authentication app, users can receive one-time passcodes via push notifications or generate...