Authentication Strengths in Microsoft Entra ID allows you to granularly define authentication requirements for different situations.

Before authentication strengths were available, authentication requirements were defined globally for the entire tenant, and then conditional access policies could just say that multi-factor authentication was required, for example. But it was not possible to define what type of multifactor authentication was required. So anything that was available globally could be used by all users in all situations.

Which was not optimal. There are situations where a less secure authentication method like SMS or TOTP might be enough. But there are situations where we only want to use very secure authentication methods like FIDO2 when someone is logging into a global admin account for example.

Such granularity was not possible before. If SMS authentication was enabled for a given tenant, even the global admin could use SMS for authentication.

Watch my YouTube video bellow for more details 👇 👇
https://youtu.be/8sIX19pbdho

#cswrld #cybersecurity #entraid #authentication #authenticationstrength #conditionalaccess

Authentication Strengths in Microsoft Entra ID allows you to granularly define authentication requirements for different situations.

It is possible to define different groups of authentication methods and then associate them with conditional access policies.

Do you want to know more about authentication strengths in Microsoft Entra ID, how to use it and what are the recommended authentication methods to allow? Read my article bellow 👇👇

https://www.cswrld.com/2024/03/microsoft-entra-id-authentication-strengths-explained/

#entraid #conditionalaccess #policies #mfa #authenticationstrength