Skip to main content

What is Microsoft Azure Multi-Factor Authentication, and How does it Work?

By May 24, 2018September 18th, 2020Azure, Best Practices, Blog, Microsoft, Security
Multi-Factor authentication graphic

Why is Multi-Factor Authentication Important?

There are a number of reasons to consider using multi-factor authentication (MFA).  You most likely are increasingly more connected. Like most of us, you’re using smart phones, tablets, laptops and PCs. You have several options to access your accounts on multiple devices and from a range of network resources.

Compromising multiple authentication factors presents a significant challenge to attackers. Even if an attacker learns your password, it’s useless without also having possession of your trusted device.

MFA proves an easy-to-use, scalable, and reliable solution to gain a second method for authenticating users. You can manage your own devices quickly, it provides strong authentication using the highest industry standards, and Microsoft guarantees 99.9% availability.

What is Multi-Factor Authentication?

Azure Multi-Factor Authentication is a two-step verification method that provides a second critical layer of security to user sign-ins and transactions. It works by requiring any two or more verification methods such as:

  • Passwords or phrases
  • A trusted device that is not easily duplicated (such as your phone)
  • Biometric (i.e. finger print, voice, your image, retinal scan)

Azure MFA is Microsoft’s solution to two-step verification.  It helps safeguard access to your data and applications while meeting user demand for a simple sign-in process. Strong authentication is had through a range of verification methods including phone calls, mobile applications or text messaging.

Think Multi-Factor Authentication might be right for your business? Get in touch to learn more!

How Does MFA Work?

When a user signs in, an additional verification is sent to the user.  The second verification can come in a number of ways:

Phone Call – A call is placed to your registered device and you ender a PIN.

Text Message – A text message is sent to your mobile phone with a six-digit code.  You enter this during your sign-in.

Mobile Application Notification – a verification request is sent to your smart phone through a third-party application you’ve installed on your phone.  You enter a PIN that verifies on the phone.

Mobile Application Verification – A third-party mobile application you installed displays a verification code that changes every minute or so. You enter the verification code that is currently displayed on your sign-in page.

Tim Krueger, PEI

Leave a Reply