Using multi-factor authentication with Azure AD
Published: October 11, 2012
Updated: February 10, 2015
Applies To: Azure, Office 365
This topic provides a general overview of multi-factor authentication concepts and describes how a global administrator can use multi-factor authentication in Azure Active Directory to further protect their organization’s identity data in the cloud.
Multi-factor authentication adds a critical second layer of security to user sign-ins and transactions. It works by requiring any two or more of the following verification methods:
Something you know (typically a password)
Something you have (a trusted device that is not easily duplicated, like a phone)
Something you are (biometrics)
The security of multi-factor authentication lies in its layered approach. Compromising multiple authentication factors presents a significant challenge for attackers. Even if an attacker manages to learn the user’s password, it is useless without also having possession of the trusted device. Conversely, if the user happens to lose the device, the finder of that device won’t be able to use it unless he or she also knows the user’s password.
By default, Azure AD supports the use of passwords as its only authentication method for user sign-ins.
For more information on Azure Multi-Factor Authentication see Azure Multi-Factor Authentication.
Other ResourcesAzure Multi-Factor Authentication