Brian Reid – Microsoft 365 Subject Matter Expert

Tag: MFA

  • Enforced MFA on the Azure Portal and Emergency Access (breakglass) Accounts

    Enforced MFA on the Azure Portal and Emergency Access (breakglass) Accounts

    An emergency access (or break-glass) account is a key design consideration of your M365/Entra tenant. This would be an account that would bypass MFA and you would store the very long and unique credentials offline somewhere. This would be used in the case of configuration breakages that would lock out all your other admins or…

  • Export Conditional Access Named Locations Using PowerShell

    Export Conditional Access Named Locations Using PowerShell

    The named locations can be used in Conditional Access rules as a way to block or allow countries by IP address to geo-lookup database. Whilst not always accurate, and can be bypassed by VPN or a virtual machine in an allowed location, they do have their uses as a basic block to where services can…

  • Migrating MFA Settings To Authentication Methods

    Migrating MFA Settings To Authentication Methods

    Released to Azure AD in December 2022 there is now a process for migrating from the legacy MFA methods and Self-Service Password Reset (SSPR) authentication methods to the unified Authentication Methods policies in Azure AD. This migration window is open until Jan 2024 when the legacy methods will be disabled. This change will allow you…

  • Improving Security For MFA Approvals – Number Matching

    Rolling out in November 2021 is a new feature – that of requiring the user to enter a number rather than just click approve on the MFA prompt. This update to Azure AD requires the use of Push Notifications and therefore requires the use of the Microsoft Authenticator app. It also requires that MFA is…

  • Adding Location To Azure AD MFA

    This Azure AD feature is something that a number of other Multi-Factor Authentication providers have already implemented – that of showing the location of the user login (and the app in use) on the MFA prompt. This feature rolled out to Azure AD in mid November 2021 in preview – so use in non-production tenants…

  • MFA and End User Impacts

    This article will look at the various different MFA settings found in Azure AD (which controls MFA for Office 365 and other SaaS services) and how those decisions impact users. There is lots on the internet on enabling MFA, and lots on what that looks like for the user – but nothing I could see…