Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts

This week, Microsoft announced the availability of Passwordless Phone Sign-in for multiple Work or School accounts in the Microsoft Authenticator app on Apple iOS-based devices. For the Public Preview of this feature, meet the following requirements to be able to use the Authenticator App for Passwordless Sign-ins to multiple Work or School accounts during the … Continue reading "Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts"

Multi-Factor Authentication Server version 8.0.8.1 is here

On March 16th, 2022, Microsoft released version 8.0.8.1 of its Azure MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. What’s New The release notes mention one change: Microsoft fixed an issue with IIS Authentication passed sessions to User Portal. Known Issues Windows Authentication … Continue reading "Multi-Factor Authentication Server version 8.0.8.1 is here"

Multi-Factor Authentication Server version 8.0.7.1 fixes an issue with One-Way SMS Performance

After 8 months, it’s time for an update to Microsoft’s product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. Last week, Microsoft released version 8.0.7.1 of it’s Azure MFA Server as an update to Azure MFA Server version 8.0.6.1. What’s New The release notes mention one … Continue reading "Multi-Factor Authentication Server version 8.0.7.1 fixes an issue with One-Way SMS Performance"

KnowledgeBase: Windows Hello for Business satisfies Smartcard is required for interactive logon requirements

One of the main strategies for securing privileged accounts in Active Directory Domain Services seems to enable the Smartcard is required for interactive logon option on members of the Domain Admins security group. Typically, that required deploying (virtual) smartcards, but there is a far easier way that is currently being wildly adopted: Windows Hello for … Continue reading "KnowledgeBase: Windows Hello for Business satisfies Smartcard is required for interactive logon requirements"

TODO: Migrate from Azure MFA Server to Azure multi-factor authentication

This week, Microsoft made available guidance to migrate from Azure MFA Server to Azure multi-factor authentication (Azure MFA). While Microsoft officially still supports its on-premises Azure MFA Server product, the reality for organizations using MFA Server for multi-factor authentication purposes is harsh: Since MFA Server 8, released on April 10, 2018. MFA registration for the … Continue reading "TODO: Migrate from Azure MFA Server to Azure multi-factor authentication"

Multi-Factor Authentication Server version 8.0.6.1 fixes an issue on Slave Servers

Roughly 6 months ago, on August 25th 2020, we saw the release of Microsoft Multi-factor Authentication Server (MFA Server) version 8.0.5.1. Now it’s time for an update to Microsoft’s product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. This week, Microsoft released version 8.0.6.1. What’s New … Continue reading "Multi-Factor Authentication Server version 8.0.6.1 fixes an issue on Slave Servers"

KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA

Today, Raymond and I troubleshooted an issue for several people who received the ‘Sorry, we ran into a problem’ error when trying to register their security information. As is our mutual expectation, I decided to document the issue. When you run into the same situation, you might find it helpful.   The situation An Azure … Continue reading "KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA"

The Azure MFA SDK stops working today

Requiring multi-factor authentication for on-premises Microsoft resources has been a difficult challenge, ever since Microsoft acquired PhoneFactor in 2012 and slowly but steadily turned its technologies into Azure MFA. Today, we’re reaching the end of the line for one of the intermediate multi-factor authentication solutions: the Azure MFA SDK. About the Azure MFA SDK The … Continue reading "The Azure MFA SDK stops working today"

TODO: Migrate off the ‘Skip multi-factor authentication for requests from federated users on my intranet’ settings

Trying to get rid of the PhoneFactor remnants in my Azure AD tenant, I’ve already shown hot to move from per-user MFA to Conditional Access, Move from MFA Trusted IPs to Conditional Access Named Locations and to move from the ‘Allow users to remember multi-factor authentication on devices they trust’ option to Conditional Access. Today … Continue reading "TODO: Migrate off the ‘Skip multi-factor authentication for requests from federated users on my intranet’ settings"

Azure Multi-Factor Authentication Server 8.0.5.1 is here

Roughly 6 months ago, on February 26th, 2020, we saw the release of Microsoft Multi-factor Authentication Server (MFA Server) version 8.0.4. Now it’s time for an update to Microsoft’s product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. This week, Microsoft released version 8.0.5.1.   What’s … Continue reading "Azure Multi-Factor Authentication Server 8.0.5.1 is here"