Combined MFA and password reset registration is now generally available

News Informatique

Combined MFA and password reset registration is now generally available

The 16th April, Microsoft announced that the combined security information registration is now generally available.

This new experience makes it easy for users to register for Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR) in a simple step-by-step process.

Mobile experience

Now, when users register while signing in on their phone, they’ll see this easy step-by-step experience:

mobile1.PNGmobile2.PNG
mobile3.PNGmobile4.PNG
mobile5.PNG  mobile6.PNG

Web experience

Microsoft simplified the web experience too! Here’s what that looks like:

web1.PNG
web2.PNG

Once a user completes registration, they’ll see an overview of what they registered to confirm the information is correct and then they’re back to work!

web3.PNG

Managing Security Info

From the Security info page, users can easily change their default authentication method or update security info such as their phone number. From here they can also add, delete, or change a method.

securityinfo1.png

Hardware key

From this page users can also add a security key:

securityinfo2.png
securityinfo3.png

Conditional Access for Registration

As part of this update, Microsoft made Conditional Access for the combined MFA and password reset registration experience generally available too!

This helps ensure it’s the right user—not an attacker—registering this sensitive info.

CA for registering.png

Configuration

Even though the feature is now generally available, the new user experience isn’t automatically available yet.

To enable the enhanced security info registration experience, follow these steps:

  • Sign into the Azure portal as a global administrator or user administrator.
  • Browse to Azure Active Directory > User settings > Manage settings for access panel preview features.
  • Under Users you can use the preview features for registering and managing security info – enhanced, you can choose to enable for a Selected group of users or for All users.
opt in.PNG

If you’re still using the old experiences for registering for MFA and SSPR, start making plans to move to this awesome new experience.

Sources

To learn more about the enhanced security info registration experience, check out our admin documentation and user documentation.

To learn more about security keys, check out our previous blog about Azure AD support for FIDO2-based passwordless sign-in.

To learn more, check out our previous blog about Conditional Access for the combined MFA and SSPR registration experience.

0 1 May 2020
MFASSPR

No Comments

Add your comment

Thibault CHÂTIRON

Expert Sécurité

À propos de moi

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts

Categories
AADConnect AIP Application Guard Azure Azure ATP Blockchain Conditional Access Copilot Delve DLP eDiscovery EntraID ethereum Exchange Online Graph API Guest Hello For Business Information barriers Insider Risk Management Intune MCAS MDE MDI MDO MFA Microsoft 365 Microsoft Threat Protection Non classé OneDrive Passwordless Prim'X Purview Sentinel SharePoint Online Solidity SSPR Windows Zed
Recent Posts
May 2020
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031
Categories
Archives

©  2024 Thibault Chatiron