SALES: 1-800-867-1380

Using multi-factor authentication with Azure AD

Published: October 11, 2012

Updated: February 10, 2015

Applies To: Azure, Office 365

This topic provides a general overview of multi-factor authentication concepts and describes how a global administrator can use multi-factor authentication in Azure Active Directory to further protect their organization’s identity data in the cloud.

Multi-factor authentication adds a critical second layer of security to user sign-ins and transactions. It works by requiring any two or more of the following verification methods:

  • Something you know (typically a password)

  • Something you have (a trusted device that is not easily duplicated, like a phone)

  • Something you are (biometrics)

The security of multi-factor authentication lies in its layered approach. Compromising multiple authentication factors presents a significant challenge for attackers. Even if an attacker manages to learn the user’s password, it is useless without also having possession of the trusted device. Conversely, if the user happens to lose the device, the finder of that device won’t be able to use it unless he or she also knows the user’s password.

By default, Azure AD supports the use of passwords as its only authentication method for user sign-ins.

For more information on Azure Multi-Factor Authentication see Azure Multi-Factor Authentication.

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft