In today’s competitive world, the protection of data and digital assets is a top priority for any security architect and enterprise. Digital assets could be in form of PII (Personal Identifiable Information), client list, network information, trade secrets, or more.
Securing these assets using a complex password is not enough, we all know people are used to setting the same password on multiple platforms, compromising one password could be a potential call for trouble. Odd enough I recently saw an article on CNN citing the problem
Yes, people are still using '123456' and 'password' as their password
When it comes to updating passwords, we are creatures of habit -- and change is hard.
MFA or Multi-factor authentication can solve this problem to some extent, MFA allows you to have an additional layer of security to access your cloud or on-premise applications, even if you have the same password assigned to the various platforms, MFA technically makes it unique.
There are many ways to do authentication using MFA, some common are as follows
- Get an SMS, Text, or email message to verify your identity
- Using Time-based One-time Password Algorithm
- Using a Mobile app
- Retina scan
I have written few posts in the past on how to enable MFA on the AWS platform, I thought it would be cool to go through a process on Azure Portal as well. Check out the following posts as well.
Enabling MFA Delete on AWS S3 Buckets
Object storage is a very popular service in the cloud, the first thing normally organizations move to the cloud is the…
MFA on Microsoft Azure
So the fancy thing with Azure there are many versions of MFA (it’s a pick your poison situation) and it is a bit confusing to start with.
Following is the documentation page from Microsoft Azure listed comparison table, plan out what you need to secure as per your needs.
Azure AD Multi-Factor Authentication versions and consumption plans
To protect user accounts in your organization, multi-factor authentication should be used. This feature is especially…
In this post, I will go through an Azure AD Free — Security defaults and enable MFA on Azure tenant account using Microsoft Authenticator app using time-sensitive passcode.
Download Mobile App
The first step is to download the Microsoft Authenticator app, you can download the app using the following link
Microsoft Authenticator - Securely Access & Manage Your Online Accounts
Skip to main content LEARN MORE Enter your phone number and we'll send you a download link Microsoft will use your…
Setup MFA for User
First search for Users in Azure Portal
Select the user you want to enable MFA and click Multi-Factor Authentication button
Azure will open another window chose your user again and click Enable as shown in the slide
When you click Enable you need to confirm MFA as shown in the slide
Select the user again and click Manage user settings
Select the option as shown in the slide, once your user logs in Azure will ask to verify the contact information again
Next is to select Mobile app from the drop down list, and select use verification code and click Set up
Now open Microsoft Authenticator App and scan the bar code to add your account into the app
Open Microsoft Authenticator app on your mobile to get the current code
Enter the one time password code in Azure portal
Confirm your contact information
Optionally, copy the secure password Azure provides for other apps like Outlook, once you enable MFA you might have to re-login to all Microsoft apps like Outlook, Word, Note with MFA
Now, whenever you log in to Azure portal, you need to provide one time password showing in Microsoft Authenticator App as shown in the slide
There you go you have successfully set up MFA on Microsoft Azure.
Configuration MFA on Microsoft Azure is a bit confusing in the start, I hope you like this post.
DataNext Solutions is a US-based system integrator, specialized in Cloud, Security, and DevOps technologies. As a registered AWS partner, our services comprise of any Cloud Migration, Cost optimization, Integration, Security, and Managed Services. Click here and Book a Free assessment call with our experts today or visit our website www.datanextsolutions.com for more info.