Multi-factor authentication is the current solution to the problem of inadequate information security in today’s world of user names and passwords. When you have enabled multi-factor authentication in Microsoft Azure and Office 365, you might need app passwords to allow for certain access to not disrupt the business. The situation As an organization, you … Continue reading "KnowledgeBase: App Passwords are only available to users with a non-Conditional Access MFA requirement"
Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft announced a plan for change regarding Azure MFA. What’s announced Microsoft is planning to replace the current Custom controls (preview) in Conditional Access … Continue reading "Announced: Azure AD to offer more 3rd Party MFA features"
Windows Hello for Business is awesome technology, that allows for multi-factor authenticated sign-in on Windows 10 devices. About Windows Hello for Business In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to … Continue reading "Requirements per Windows Hello for Business Deployment Type"
The official Microsoft documentation teaches us that Microsoft Intune is an optional requirement to configure Windows Hello for Business to show the option to display the FIDO security key sign-in method as part of the Sign-in options on the Windows Logon Screen for Azure AD accounts. However, a method to achieve the same goal without … Continue reading "HOWTO: Enable Windows Hello for Business FIDO2 Key sign-in without Microsoft Intune"
The Internet has been on fire for the last week, as a vulnerability in Citrix appliances was actively attacked. In the Netherlands, the National Cyber Security Center advised organizations to switch off Citrix networking appliances. Dutch Now that organizations are switching them back on to patch the affected systems, they may be in for another surprise … Continue reading "Citrix’ NetScaler patch may break the Azure MFA NPS Extension for people who use text messages as their method"
At Microsoft Ignite 2019, Microsoft announced free Azure Multi-factor Authentication for all through the new Security Defaults feature for Azure Active Directory: Enable multi-factor authentication for free. Now, the official documentation shares more information on this feature and it implies that Azure Multi-factor Authentication (Azure MFA) is only free when it is enabled through the … Continue reading "Is the Authenticator App required for free Azure MFA?"
Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll add an additional layer of information security to authentications that are … Continue reading "HOWTO: Enable Azure Multi-factor Authentication on AD FS"
Roughly a year ago, we saw the release of Microsoft’s Azure Multi-Factor Authentication (MFA) Server, version 188.8.131.52. Last week, Microsoft released another minor version, dubbed version 184.108.40.206 that addresses a couple of issues you might experience with version 220.127.116.11. What’s New Fixed issue with AD Sync send email when user enabled state changes In … Continue reading "Azure Multi-Factor Authentication Server 18.104.22.168 was released"
Today, I had the pleasure of installing and configuring OneSpan’s (formerly Vasco’s) DIGIPASS Authentication for Microsoft Active Directory Federation Services (AD FS). Microsoft Docs offers links to documentation for 3rd-party providers with MFA offerings currently available for AD FS, but just like CensorNet’s SMS PASSCODE AD FS Agent, OneSpan’s installation and configuration manual is not … Continue reading "HOWTO: Install VASCO’s DIGIPASS Authentication for AD FS"
Last week, Microsoft announced that Azure MFA Server will no longer be available for new deployments per July 1, 2019. New customers who would like to require multi-factor authentication from their users should use cloud-based Azure Multi-Factor Authentication. Existing customers who have activated Azure MFA Server prior to July 1 will be able to download … Continue reading "HOWTO: Uninstall and Remove Azure MFA Server versions 7.x and 8.x Implementations"