Mar 29 2021
09:20 AM
- last edited on
Feb 01 2023
10:07 AM
by
TechCommunityAP
Mar 29 2021
09:20 AM
- last edited on
Feb 01 2023
10:07 AM
by
TechCommunityAP
are any of the MFA options in Azure AD/Office 365 'risky' from a security perspective, or considered significantly less secure than the other options (I've read various conflicting opinions). If yes, are there ways to take that option away from the users during MFA registration?
If there are any specific security attacks that I could quote against certain MFA choices that may help build a case to warn users on the safer alternatives.
Alternatively, should all global admins for argument sake be using a specific default MFA method over others from a security perspective?
Mar 29 2021 10:10 AM
@CB1 Hello, there are some really good and extensive articles on the docs about AAD MFA settings and authentication methods, and security as well. I think it's better if you read about it as it's literally too much to suggest. But I have tried to make it easier for you as the links here should answer your questions.
Comparison of methods
Authentication methods and features - Azure Active Directory | Microsoft Docs
Select the available MFA options for your users
Configure Azure AD Multi-Factor Authentication - Azure Active Directory | Microsoft Docs
Protect global admin
Protect your Microsoft 365 global administrator accounts - Microsoft 365 Enterprise | Microsoft Docs
Secure
Top 10 ways to secure Microsoft 365 for business plans - Microsoft 365 admin | Microsoft Docs
Secure
Top 12 tasks for security teams to support working from home | Microsoft Docs