Phishing Resistant MFA How it Works!

Рет қаралды 15,976

Andy Malone MVP

Күн бұрын

Пікірлер: 46

@1.618Golden 8 ай бұрын

Thanks!

@AndyMaloneMVP 8 ай бұрын

Thanks so much :-)

@chaosmassive8627 8 ай бұрын

Hi Andy, can you make a video on Intune? especially for hybird joined domain PC?, enjoyed your video as always.

@uuciuao8s8s-lw2ob 8 ай бұрын

Pretty please??

@tony6626 8 ай бұрын

Great presentation Andy, interesting stuff!

@AndyMaloneMVP 8 ай бұрын

Many thanks!

@supriyochatterjee4095 8 ай бұрын

Brilliant information

@AndyMaloneMVP 8 ай бұрын

Glad you think so!

@donefh 8 ай бұрын

Great content!

@jreamscape 8 ай бұрын

dope stuff andy

@1.618Golden 8 ай бұрын

Great info, Imma have to watch this a few more times to get all that info in my thick skull. Thank you sir Andy!

@shailukov7440 8 ай бұрын

Perfect explanation. Thank you for being who you are!

@jmanuelng 8 ай бұрын

Super cool, how to implement for device logon? 😁

@AndyMaloneMVP 8 ай бұрын

Coming soon🙂

@RamonOchoaMusic 8 ай бұрын

When is Entra going to completely remove a user’s password like a consumer can currently with an outlook/hotmail account? Currently password- less still lets someone keep clicking on a signin more options until they can get a prompt for password. Password less really isn’t that at this time.

@AndyMaloneMVP 8 ай бұрын

Coming soon

@RyanMerck 8 ай бұрын

Another top quality video. Thank you Andy!

@ReQuiem_2099 8 ай бұрын

Could not have come at a more perfect time! 🙌

@driver288 8 ай бұрын

So….. when does passkey support come to Microsoft 365? We are a few months behind schedule already

@AndyMaloneMVP 8 ай бұрын

I totally agree with you 😊 I asked the very same question just a month ago in Redmond. It’s coming soon was the answer 😉

@driver288 8 ай бұрын

@@AndyMaloneMVP I’ve been testing the passwordless experience for windows and saw the option to use a companion device for login. Do you have some insight into how that works? Passwordless experience basically remove the option to log in using passwords. But how does the companion device work and what devices do they refer to?

@AbdoulsDiallo 8 ай бұрын

Hi as microsoft partnaire did you know the way to contact Microsoft when all your Microsoft Business Premium account are said doesn't exist. We are facing this issue since Friday but until now can't get in touch with the appropriate support to help us solve the issue. Thanks

@AndyMaloneMVP 8 ай бұрын

I feel for you. Support can be a nightmare. Keep trying though they will come back to you.

@AbdoulsDiallo 8 ай бұрын

@@AndyMaloneMVP Okay thanks

@mattsnider5704 8 ай бұрын

Thanks for your videos. The audio sounds a bit muffled.

@AndyMaloneMVP 8 ай бұрын

I recorded this one on a hotel, my apologies

@tdavis8517 8 ай бұрын

We are so tired of our users clicking phishing links, entering their 365 passwords when prompted and getting their MFA token stolen from their browsers. We thought MFA would solve compromised mailboxes but bad actors always find a way...

@AndyMaloneMVP 8 ай бұрын

If I may be so bold as to suggest some user training. Incorporate this into your security awareness program. Microsoft also has an excellent attack simulator that you can use.

@alanjrobertson 8 ай бұрын

Does this deal with the weakness around session cookies being stolen that has been an issue recently?

@AndyMaloneMVP 8 ай бұрын

This is no longer an issue as you can fix this issue by using conditional access. I covered this recently in my security video.

@alanjrobertson 8 ай бұрын

@@AndyMaloneMVP ah OK, that's good to hear!

@Zachsnotboard 8 ай бұрын

Have you gotten passkeys on mobile via the MS authentication app to work ?

@AndyMaloneMVP 8 ай бұрын

Yes

@Zachsnotboard 8 ай бұрын

@@AndyMaloneMVPwhen I go to add a security key, I only see usb or nfc device 😢

@MyVlogTubes 8 ай бұрын

Microsoft Entra ID is every minute and day changing, you cant keep up with the changing with new updates!

@AndyMaloneMVP 8 ай бұрын

Practice practice :-)

@1.618Golden 8 ай бұрын

I feel you on that one, but like sir Andy says, practice practice. IT is the one field you are guaranteed to have to learn for life. It's a passion we get paid to follow!

@andrewenglish3810 8 ай бұрын

And how does this work with people who are using AD on-premise?

@AndyMaloneMVP 8 ай бұрын

It does not yet. See upcoming Windows 2025

@tepatrilee3009 8 ай бұрын

This solution is inherently a cloud based solution using Entra. It has no relevance to AD on-premise. The underlying thought process is that AD on-premise is generally used on an internal network protected by a firewall. 365 authentication goes out over the public internet which has much more inherent risk, and Microsoft is developing authentication protection like phishing resistant MFA to encourage people to trust 365. You can use phishing resistant MFA on premise, like Windows Hello for Business, and others using 3rd party solutions. But this is a Microsoft Entra/cloud specific video.

@moshenierenberg7563 5 ай бұрын

Why do all Microsoft people use Mac and not windows?

@AndyMaloneMVP 5 ай бұрын

Trust me once you go Mac you’ll never go back 👍

@jreamscape 8 ай бұрын

entra cant ever stay still lol

@StijnHommes 2 ай бұрын

So now scammers can "prove" who they are by stealing devices... 😂😂😂 No! Passwords are the standard for a reason. If you somehow unlock my phone, you still have to figure out the passwords for each of my accounts. Passkeys offer no such protection. Once the hacker gets past layer one, you're screwed. I'll stick with passwords.

@AndyMaloneMVP 2 ай бұрын

Scammers would not be able to prove who they are because this type of MFA is linked to biometrics not passwords