Advanced authentication
In this section, we will see two advanced scenarios used to authenticate against Azure services. The first is the Multi-Factor Authentication, which is useful to secure the directory users' accounts with a two-step verification; the second are Management Certificates, used to establish a secure channel between two parties and operate as administrators against a given subscription.
Multi-Factor Authentication
Azure AD has built-in features to enable Multi-Factor Authentication for its users. As for the two-step verification of the Microsoft account (discussed earlier in the chapter) Multi-Factor Authentication involves more than just one factor, combining:
- What we know: This refers to valid credentials
- What we have: This refers to a device, for example
In Azure AD, we have these options:
- Authentication apps for mobile phones, available for Windows Phone, Android, and iOS. With the authentication app, users can receive one-time passcodes via push notifications or generate...
