Chapter 8.6 - Passwordless Authentication

AZ-900 Certification Notes

Security vs. Convenience: The Never-Ending Conflict

Multi-Factor Authentication is More Secure, But Less Convenient

  • More steps required to log in
    • Password and device/biometrics
    • Increased user frustration:
      • When something does not work as expected
      • Overall, less convenient

Passwordless Authentication: One Possible Solution

Objective: Increase Convenience While Staying Secure

  • Password only = More convenient, but less secure
  • Password + MFA = Higher security, but inconvenient
  • Passwordless Authentication = High security and convenient
    • Remove password from system login
    • Replace with:
      • Something you have (phone/key fob)
      • Something you know/are (on device)
        • Fingerprint/face unlock/PIN

Passwordless Authentication Methods

Microsoft Authenticator App

  • Microsoft's MFA mobile app
    • Configure in Azure AD
  • Authenticate in app with biometrics/PIN

Windows Hello

  • Face recognition in Windows

FIDO2 Security Key

  • Hardware key

Example Passwordless Login Scenario

  • Log in to Microsoft 365, and enter your username.
  • Instead of a password, you are prompted to check Microsoft Authenticator.
  • Use the biometric/PIN in the Authenticator app to confirm authentication.
  • Confirm the numerical challenge in the Authenticator app.
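
A simplified model of the scenario above, added here as an example (it is not from the original notes and is not Microsoft's actual protocol): the device holds a private key gated by a local PIN, and the service stores only the public key and checks a signature over a one-time nonce plus the number shown on the sign-in screen. All function names and values are hypothetical.

```javascript
// Added example: simplified model of passwordless sign-in, not Microsoft's protocol.
// All names are hypothetical. Requires Node.js (built-in crypto only).
const nodeCrypto = require('crypto');

// Enrollment: "something you have" is a key pair created on the device.
// The private key never leaves it; the service keeps only the public key.
function enrollDevice(pin) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  const device = {
    // "Something you know/are": a local unlock (a PIN here) gates use of the key.
    // The user types the number shown on the sign-in screen into the app.
    approve(nonce, enteredPin, enteredNumber) {
      if (enteredPin !== pin) return null; // local unlock failed, nothing is signed
      const msg = Buffer.from(`${nonce}:${enteredNumber}`);
      return nodeCrypto.sign(null, msg, privateKey);
    },
  };
  return { device, publicKey };
}

// Service: a fresh nonce and two-digit number for every sign-in attempt.
function startSignIn() {
  return {
    nonce: nodeCrypto.randomBytes(16).toString('hex'),
    number: nodeCrypto.randomInt(10, 100),
    used: false,
  };
}

// Service: accept one valid signature over this attempt's nonce and number.
function finishSignIn(challenge, publicKey, signature) {
  if (challenge.used || !signature) return false;
  challenge.used = true; // single use, so a captured response cannot be replayed
  const msg = Buffer.from(`${challenge.nonce}:${challenge.number}`);
  return nodeCrypto.verify(null, msg, publicKey, signature);
}

// Constructed demo values.
const demo = enrollDevice('4821');
const attempt = startSignIn();
const response = demo.device.approve(attempt.nonce, '4821', attempt.number);
console.log('sign-in accepted:', finishSignIn(attempt, demo.publicKey, response));
console.log('replay accepted:', finishSignIn(attempt, demo.publicKey, response));
```

No password or shared secret is stored by the service in this model, so a leak of its records exposes only public keys.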