Latest Posts

Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA)

Definition: Multi-Factor Authentication is the process where you need at least two ways to identify yourself to log in.

  • The benefit and idea behind keeping multiple authentications are if the attacker breaks one of the securities, still, your system/data is secure.
  • Azure MFA can also secure a Password reset.
  • MFA is enabled through Azure Active Directory.

Three main types of MFA methods

Multi-Factor authentication requires two or more of the following.

  • Something you know. Typically, your credentials
  • Something you have. A trusted device, which cannot be duplicated easily.
  • Something you are. A biometric like fingerprint or face scan.

Available verification methods.

  • When users signs-in to Azure using credentials and receive an MFA prompt, they can select from one of the registered forms of additional verification.
  • Users can add or edit the additional verification from My Profile
  • Some additional verification methods.
    • Microsoft Authenticator App
    • OAuth Hardware Token
    • OAuth Software Token
    • SMS (Text Code)
    • Voice Call (Code)

How does MFA work – Using an Example?

  • There is one financial application that has enabled Multi-Factor authentication.
  • Please refer to below figure
  • MFA Working
  • Step 1 (Something you know): User enters the Id and Password. If the credentials are wrong, the user is thrown out of the log-in process, if credentials are correct it moves to Step 2.
  • Step 2 (Something you have): An SMS (with a code) is sent to the user’s mobile. The user enters the code he/she received on mobile. If the code doesn’t match with what Microsoft has sent, then the user is obviously not authenticated, and the process stops here.
  • Final: You can add more authentication after step 2 (if you want). After all these steps are successfully passed, the user is logged in to the system.

We value your Feedback:

Page URL:




© 2024 Code SharePoint