(Unit 2 of 8) Azure authentication methods Flashcards
What is authentication?
The process of establishing the identity of a Person, service, or device
List some of the multiple authentication methods supported by Azure.
- Including standard passwords
- Single sign-on (SSO)
- Multifactor authentication (MFA)
- Passwordless.
What is SSO (single sign on)?
Single sign-on (SSO) enables a user to sign in one time and use that credential to access multiple resources and applications from different providers.
Describe MFA (Multi-Factor Authentication)
Multifactor authentication is the process of prompting a user for an extra form (or factor) of identification **during the sign-in process. **
Multifactor authentication provides additional security for your identities by requiring two or more elements to fully authenticate. These elements fall into three categories. Name them.
- Something the user knows – this might be a challenge question.
- Something the user has – this might be a code that’s sent to the user’s mobile phone.
- Something the user is – this is typically some sort of biometric property, such as a fingerprint or face scan.
What’s Azure AD Multi-Factor Authentication?
Azure AD Multi-Factor Authentication is a Microsoft service that provides multifactor authentication capabilities.
What is Passwordless Authentication?
A means to verify a user’s identity, without using a password.
What is a pre-requisite for Passwordless Authentication?
Passwordless authentication needs to be set up on a device before it can work.
What is a pre-requisite for Passwordless Authentication?
Passwordless authentication needs to be set up on a device before it can work.
(Laptop, PC + Fingerprint or Pin)
Give 3 Passwordless services offered by azure that integrate with AD.
- Windows Hello for Business
- Microsoft Authenticator app
- FIDO2 security keys
Explain the passwordless service offered by Azure (1)
Windows Hello
- ideal for information workers that have their own designated Windows PC
- Biometric and PIN credentials are directly tied to the user’s PC
Explain the passwordless service offered by Azure (2)
Microsoft Authenticator App
- The Authenticator App turns any iOS or Android phone into a strong, passwordless credential.
- Biometric or PIN
Explain the passwordless service offered by Azure (3)
FIDO2 security keys (Fast IDentity Online)
1.unphishable standards-based passwordless authentication
- Uses an external security key or a platform key built into a device.
- FIDO2 security keys are typically USB devices, but could also use Bluetooth or NFC
