Azure - Multi-Factor Authentication
  • Date: 2025-02-05

Microsoft Azure - Multi-Factor Authentication



All of us at some point have encountered multi-factor authentication. For example, customers of some banks receive a call or a one-time password as a text message on their mobile phones while signing in to their bank account online. Multi-factor authentication refers to a system in which more than one system authenticates the user before granting access to an application. Multi-factor authentication offers better security for Azure clients. It lets the client choose whether to use more than one system of credentials to allow users to access the applications. Multi-factor authentication can be used to protect both on-premises and cloud directories.

In this process, the user first signs in with the username and password in a normal way. The credentials are verified and then if the automated call authentication is activated, the user receives a call and is asked to confirm the sign-in attempt.

    Mobile App − Mobile apps for all platforms (Android, iOS and Windows) are available. This app pushes a notification when a sign-in attempt is made and then the user can choose to authenticate, if it is a genuine attempt.

    Text Message − This method sends a one-time password to the registered mobile phone of the user. They either reply from their phone or enter the one-time password into their sign-in page.

    Automated Call − The automated call asks the user to validate the sign-in attempt by pressing a key on their phone’s dial pad.

Create a Multi-Factor Authentication Provider

Step 1 − Click ‘New’ at the left bottom corner → App Services → Active Directory → Multi Factor Auth Provider → Quick Create.


Step 2 − Enter the name for the provider.

Step 3 − Select the usage model. Let’s choose ‘Per Authentication’ for this example. Please note that you won’t be able to change the usage model once the multi-factor authentication provider is created, so take your needs into consideration before choosing it.


Step 4 − Next, there is an option to link an existing directory or not. Here, let’s link an existing directory named ‘tutorialspoint’, which was previously created, to this multi-factor provider.

Step 5 − After you click ‘Create’, it will be listed in your services list. Select the multi-factor provider you just created and you will see the following screen.


Step 6 − Select ‘Manage’ at the bottom of the screen and you will be taken to a new page as shown in the following image.

Step 7 − Select ‘Configure’ to choose the authentication.


Step 8 − Under general settings, you can set the number of attempts, change the phone number from which the call is made (a default number is already there), the two-way message timeout (default is 60 seconds) and the one-time password’s timeout (default is 300 seconds). You can also provide an e-mail address where you can be notified if a one-time password is bypassed.


Step 9 − Scroll down the page and you will see fraud settings. Under Fraud Setting, you can choose to allow the users to send fraud alerts, block the user if an alert is reported and also set an e-mail address where alerts are sent.


After the multi-factor authentication is activated for the users, they will be asked to choose one of the three methods (automated message, text message or mobile app) when they sign in to their account next time. The chosen method will be used to authenticate them each time they sign in to their account.
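To make the Step 8 and Step 9 settings concrete, the following added example (not code from this tutorial or from Azure) models how a verifier can enforce a one-time password timeout, an attempt limit, and blocking after a fraud alert. The class and function names are hypothetical, and the attempt limit of 3 is an assumed value; only the 300-second timeout comes from the text above.

```python
import hmac
import secrets
import time
from dataclasses import dataclass, field

OTP_TIMEOUT_S = 300   # one-time password timeout default quoted in Step 8
MAX_ATTEMPTS = 3      # assumed value; Step 8 only says the number is configurable

@dataclass
class Challenge:
    code: str
    issued_at: float
    failures: int = 0
    used: bool = False

@dataclass
class OtpVerifier:
    block_on_fraud: bool = True   # Step 9: block the user if an alert is reported
    challenges: dict = field(default_factory=dict)
    blocked: set = field(default_factory=set)

    def issue(self, user, now=None):
        if user in self.blocked:
            raise PermissionError(f"{user} is blocked pending review")
        code = f"{secrets.randbelow(10**6):06d}"   # six digits from a CSPRNG
        self.challenges[user] = Challenge(code, time.time() if now is None else now)
        return code

    def verify(self, user, submitted, now=None):
        now = time.time() if now is None else now
        ch = self.challenges.get(user)
        if user in self.blocked or ch is None or ch.used:
            return "denied"
        if now - ch.issued_at > OTP_TIMEOUT_S:
            return "expired"
        if ch.failures >= MAX_ATTEMPTS:
            return "locked"       # limit reached: even the right code is refused
        # Constant-time comparison avoids leaking how many digits matched.
        if not hmac.compare_digest(ch.code.encode(), submitted.encode()):
            ch.failures += 1
            return "wrong"
        ch.used = True            # single use: a replayed code is denied
        return "ok"

    def report_fraud(self, user):
        self.challenges.pop(user, None)   # cancel the pending sign-in
        if self.block_on_fraud:
            self.blocked.add(user)
```

The `now` parameter exists so that expiry can be exercised deterministically without waiting for the timeout.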

Enable the Multi-Factor Authentication for Existing Directory

One way is to link the directory to the multi-factor authentication provider while creating it, as we saw in the previous section. However, you can also do it in the following way for a particular user.

Step 1 − Go to your directory by choosing it from the left panel and click ‘Manage MultiFactor Auth’ at the bottom of the screen.


Step 2 − It will take you to the following screen. Here you can select the user and enable or disable the multi-factor authentication for the user.


Enable Multi-Factor Authentication for On-premises Applications

When you create a new multi-factor authentication provider using the management portal and select to manage it, you are taken to the page that was shown in the first section of this chapter. If you want to enable multi-factor authentication for your on-premises application, you have to install the authentication server by clicking the highlighted link. Then you can configure the settings as desired.

Step 1 − Click the link encircled in the following image.


Step 2 − You will be taken to the following screen. Download the setup and generate activation credentials in order to log in to the server.
