Phishing-resistant Passwordless Authentication Deployment Guide in Microsoft Entra ID
Ashok Babu Singu
Lead - Infrastructure Services | Windows Server Administration | Active Directory | Azure | Azure AD| Exchange Online | O365 | SCCM |
Phishing-resistant, passwordless authentication options like passkeys and smart cards will significantly improve our defences against cyber threats.
Phishing-resistant passwordless methods also have extra security baked in. They automatically count as MFA by using something that the user has (a physical device or security key) and something the user knows or is, like a biometric or PIN. And unlike traditional MFA, phishing-resistant passwordless methods deflect phishing attacks against your users by using hardware-backed credentials that can’t be easily compromised.
Microsoft Entra ID offers the following phishing-resistant passwordless authentication options:
o??? Windows Hello for Business
o??? Platform credential for macOS (preview)
o??? Microsoft Authenticator app passkeys (preview)
o??? FIDO2 security keys
o??? Other passkeys and providers, such as iCloud Keychain -?on roadmap
2. Certificate-based authentication/smart cards
Start your journey here:
?? Pre-requisites: https://lnkd.in/dmbUJSVZ
?? Plan and Deploy: https://lnkd.in/dNnfyTQQ
?? Persona guidance: https://lnkd.in/dTwD5KPJ