Multi-Factor Authentication and Conditional Access
Strengthen login security by enforcing MFA and configure conditional access policies that grant or block access based on user, device, and location signals.
Why Passwords Alone Are Not Enough
Stolen credentials are the leading cause of cloud security breaches. A password alone can be phished, guessed through brute force, or leaked from a third-party breach. Multi-Factor Authentication (MFA) requires a second verification factor that an attacker is unlikely to possess even after obtaining a password — dramatically reducing the risk of unauthorised access to your Azure environment.
MFA Verification Methods
Entra ID supports multiple MFA verification factors. The most secure and recommended option is the Microsoft Authenticator app, which provides number matching and push notifications. Other options include a FIDO2 security key (hardware token), a software OATH token, SMS text message, or a voice call. SMS and voice are considered lower security and should be used only as fallbacks.
All lessons in this course
- What Is Microsoft Entra ID?
- Users, Groups, and Role Assignments
- Multi-Factor Authentication and Conditional Access
- Single Sign-On and External Identities