Azure Multi-factor authentication is an authentication system that requires more than one authentication factor for successful authentication
Azure Multi-Factor Authentication refers to a Characteristic of an authentication system or an authenticator that requires more than one authentication factors for successful authentication. Multi-factor authentication can be performed using a single authentication that provides more than one factor or by a combination of authenticators that provide different factors.
What is Azure Multi-Factor Authentication?
Having two different factors isn’t multi-factor authentication, that’s just having two different instances of the same factor. You need different factors and the more factors that are used the stronger the implementation is considered to be.
A debit card is the perfect example of multi factor authentication.
Something you have – Card itself
Something you know – Pin Code
One factor alone isn’t enough to complete the transaction, so you are using the two different factors to prove that you are the owner of the bank account. That model has been built into the IT industry with organizations issuing multi-factor credentials to the users. Which could something static like software certificates that used in the combination of static p-word or something more dynamic like hardware token that generates the one-time p-word that changes every 30 seconds.
RSA Secure ID is well-known example, the user enters the p-code from the device into the browser and the p-code is validated on the server in order to verify they are in the possession of the token. Similarly, the new Microsoft authenticator App can perform the same function by providing the p-code to the user’s mobile device which is a part of the Azure MFA suite of tools.
Concept of Azure Multi-Factor Authentication
Username and p-word authentication probably aren’t going away any soon but adding another factor of authentication in combination of username and p-word is a way to further -urance of the user iden-y.
Relevant Authentication factors
Memorized secret p-words or p-codes besides using an Azure MFA as a second factor of authentication after using the primary username and p-word, you see the Azure MFA can also leverage the static pin code -igned to an individual user while using the Azure MFA server on-premises
Out of band device is another authenticator type, it’s a physical device that uniquely addressable and can communicate securely over a distinct communication channel. So, in the case on Azure MFA that device is the mobile phone and the secondary network is the phone network or the internet when using the Microsoft authenticator APP.
Single Factor OTP device OTP stands for one-time p-code it’s a hardware token or software-based token generator installed on a device like mobile phone and generates one-time p-codes, it doesn’t require second channel to receive the p-code. The p-code is generated with seed value and device clock. The p-word changes in regular intervals when you input the p-word to the system you are trying to access the p-word is verified on the server side because the same seed value that’s been issue to your token is used to verify on the server.