Comments on: Improve MFA Effectiveness in Your Microsoft 365 Tenant in 30 Minutes https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/ Practical Office 365 News, Tips, and Tutorials Tue, 25 Oct 2022 17:59:14 +0000 hourly 1 https://wordpress.org/?v=6.3.2 By: Tony Redmond https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-241981 Mon, 15 Aug 2022 19:27:59 +0000 https://practical365.com/?p=54081#comment-241981 In reply to Ahmad.

I don’t believe it requires passwordless but I can’t be certain. Test it and see!

]]>
By: Ahmad https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-241976 Mon, 15 Aug 2022 18:30:16 +0000 https://practical365.com/?p=54081#comment-241976 Does additional context require passwordless or would it work with just push?

]]>
By: Tony Redmond https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237622 Thu, 27 Jan 2022 14:29:34 +0000 https://practical365.com/?p=54081#comment-237622 In reply to Clare.

The users must be generating many authentication requests over a short period. I certainly have never had an issue with competing authentications. I can see how it might happen, but I have never had to cope with the situation.

]]>
By: Clare https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237621 Thu, 27 Jan 2022 13:48:12 +0000 https://practical365.com/?p=54081#comment-237621 Do you know of a procedure to bypass additional context/number matching when the request to sign in is via a mobile app on the same device where authenticator resides? i.e. users complain of overlapping notifications and unable to see number matching without leaving the app on that device that they are trying to login to.

]]>
By: Arian van der Pijl https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237203 Sun, 28 Nov 2021 11:53:58 +0000 https://practical365.com/?p=54081#comment-237203 In reply to Phillip L..

If you use the Azure AD MFA NPS plugin on-premise to secure for example the RDS Gateway of VMware Horizonservices there is no ‘gui’ to enter the response.
So somehow the ‘approve’ routine cannot (I guess it never will) be disabled for some MFA services.

]]>
By: Tony Redmond https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237183 Wed, 24 Nov 2021 11:52:59 +0000 https://practical365.com/?p=54081#comment-237183 In reply to Christopher Page.

You need to be licensed to use MFA. The Office 365 plans include basic MFA while you can pay more for extra functionality through Azure AD premium licenses. See https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-licensing.

]]>
By: Tony Redmond https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237181 Wed, 24 Nov 2021 09:35:40 +0000 https://practical365.com/?p=54081#comment-237181 In reply to Marty.

One observation that I have is that the additional context only appears on phones running the Authenticator app. Because it’s on a phone and the apps are very graphical, it seems to me that users will accept the context, especially as it is not very granular when it comes to precise locations!

]]>
By: Marty https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237179 Wed, 24 Nov 2021 07:23:45 +0000 https://practical365.com/?p=54081#comment-237179 Application context without location would be cool. We had a hard time to convince everybody to install authenticator on their private phones. If it shows their location, they will feel tracked

]]>
By: Christopher Page https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237177 Tue, 23 Nov 2021 23:05:26 +0000 https://practical365.com/?p=54081#comment-237177 Hi Tony,
What licensing levels/options are needed to implement these settings?
Thank you,
Chris

]]>
By: Tony Redmond https://practical365.com/improve-mfa-effectiveness-microsoft365-tenant/#comment-237164 Tue, 23 Nov 2021 09:16:57 +0000 https://practical365.com/?p=54081#comment-237164 In reply to Alex Christophe.

Hi Alex,

Of course, third party solutions are also available to help increase the security of Microsoft 365 tenants. However, it usually takes much longer than 30 minutes to organize the procurement of any third-partyy software. The point here is that you can put the Microsoft implementation of number matching and additional context into production within 30 minutes (and at no cost).

TR

]]>