How to Enable Multi-Factor Authentication on Azure Portal

Image for post
Image for post
www.datanextsolutions.com

Introduction

In today’s competitive world, the protection of data and digital assets is a top priority for any security architect and enterprise. Digital assets could be in form of PII (Personal Identifiable Information), client list, network information, trade secrets, or more.

Securing these assets using a complex password is not enough, we all know people are used to setting the same password on multiple platforms, compromising one password could be a potential call for trouble. Odd enough I recently saw an article on CNN citing the problem

MFA or Multi-factor authentication can solve this problem to some extent, MFA allows you to have an additional layer of security to access your cloud or on-premise applications, even if you have the same password assigned to the various platforms, MFA technically makes it unique.

There are many ways to do authentication using MFA, some common are as follows

  1. Get an SMS, Text, or email message to verify your identity
  2. Using Time-based One-time Password Algorithm
  3. Using a Mobile app
  4. Fingerprints
  5. Retina scan

I have written few posts in the past on how to enable MFA on the AWS platform, I thought it would be cool to go through a process on Azure Portal as well. Check out the following posts as well.

MFA on Microsoft Azure

So the fancy thing with Azure there are many versions of MFA (it’s a pick your poison situation) and it is a bit confusing to start with.

Following is the documentation page from Microsoft Azure listed comparison table, plan out what you need to secure as per your needs.

In this post, I will go through an Azure AD Free — Security defaults and enable MFA on Azure tenant account using Microsoft Authenticator app using time-sensitive passcode.

Download Mobile App

The first step is to download the Microsoft Authenticator app, you can download the app using the following link

Setup MFA for User

First search for Users in Azure Portal

Image for post
Image for post

Select the user you want to enable MFA and click Multi-Factor Authentication button

Image for post
Image for post

Azure will open another window chose your user again and click Enable as shown in the slide

Image for post
Image for post

When you click Enable you need to confirm MFA as shown in the slide

Image for post
Image for post

Select the user again and click Manage user settings

Image for post
Image for post

Select the option as shown in the slide, once your user logs in Azure will ask to verify the contact information again

Image for post
Image for post

Next is to select Mobile app from the drop down list, and select use verification code and click Set up

Image for post
Image for post

Now open Microsoft Authenticator App and scan the bar code to add your account into the app

Image for post
Image for post

Open Microsoft Authenticator app on your mobile to get the current code

Image for post
Image for post

Enter the one time password code in Azure portal

Image for post
Image for post

Confirm your contact information

Image for post
Image for post

Optionally, copy the secure password Azure provides for other apps like Outlook, once you enable MFA you might have to re-login to all Microsoft apps like Outlook, Word, Note with MFA

Image for post
Image for post

Now, whenever you log in to Azure portal, you need to provide one time password showing in Microsoft Authenticator App as shown in the slide

Image for post
Image for post
Image for post
Image for post

There you go you have successfully set up MFA on Microsoft Azure.

Conclusion

Configuration MFA on Microsoft Azure is a bit confusing in the start, I hope you like this post.

@IamZeeshanBaig

About DataNext

DataNext Solutions is a US-based system integrator, specialized in Cloud, Security, and DevOps technologies. As a registered AWS partner, our services comprise of any Cloud Migration, Cost optimization, Integration, Security, and Managed Services. Click here and Book a Free assessment call with our experts today or visit our website www.datanextsolutions.com for more info.

Written by

Cloud Security Expert & CEO of DataNext Solutions, helping people every day with the latest tech. Connect @LinkedIn http://bit.ly/zb-linkedin

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store