In this article

lutz-heilmann.info recommends passwordless authentication approaches such as Windows Hello, FIDO2 protection tricks, and also the lutz-heilmann.info Authenticator application bereason they carry out the many secure sign-in experience. Although a user have the right to sign-in using other common methods such as a username and also password, passwords must be reput through even more secure authentication methods.

You are watching: Which of the following is not a method for authentication?

*

Azure AD Multi-Factor Authentication (MFA) adds additional protection over just utilizing a password once a user indications in. The user deserve to be triggered for extra forms of authentication, such regarding respond to a push notification, enter a code from a software application or hardware token, or respond to an SMS or phone speak to.

To simplify the user on-boarding endure and also register for both MFA and also self-business password recollection (SSPR), we recommend you enable merged protection indevelopment registration. For resiliency, we recommfinish that you require customers to register multiple authentication techniques. When one approach isn"t easily accessible for a user throughout sign-in or SSPR, they can select to authenticate via one more method. For more indevelopment, watch Create a sturdy accessibility manage administration strategy in Azure AD.

Here"s a video clip we developed to help you select the finest authentication method to store your organization safe.

Authentication strategy toughness and also security

When you deploy functions prefer Azure AD Multi-Factor Authentication in your organization, evaluation the available authentication techniques. Choose the techniques that meet or exceed your demands in terms of protection, uscapacity, and also availcapacity. Wright here feasible, use authentication methods through the highest possible level of defense.

The complying with table outlines the protection considerations for the accessible authentication methods. Availcapacity is an indication of the user being able to usage the authentication strategy, not of the organization availability in Azure AD:

Authentication methodSecurityUsabilityAvailability
Windows Hello for BusinessHighHighHigh
lutz-heilmann.info Authenticator appHighHighHigh
FIDO2 defense keyHighHighHigh
OATH hardware tokens (preview)MediumMediumHigh
OATH software tokensMediumMediumHigh
SMSMediumHighMedium
VoiceMediumMediumMedium
PasswordLowHighHigh

For the latest indevelopment on security, examine out our blog posts:


Tip

For adaptability and usability, we recommfinish that you usage the lutz-heilmann.info Authenticator app. This authentication technique provides the ideal user endure and multiple modes, such as passwordmuch less, MFA press notifications, and OATH codes.


How each authentication approach works

Some authentication methods can be provided as the primary element when you sign in to an application or device, such as using a FIDO2 defense vital or a password. Other authentication methods are just accessible as a second element when you usage Azure AD Multi-Factor Authentication or SSPR.

The following table outlines when an authentication method have the right to be provided in the time of a sign-in event:

MethodKey authenticationSecondary authentication
Windows Hello for BusinessYesMFA
lutz-heilmann.info Authenticator appYesMFA and SSPR
FIDO2 defense keyYesMFA
OATH hardware tokens (preview)NoMFA and SSPR
OATH software program tokensNoMFA and also SSPR
SMSYesMFA and SSPR
Voice callNoMFA and SSPR
PasswordYes

All of these authentication approaches have the right to be configured in the Azure portal, and also increasingly using the lutz-heilmann.info Graph REST API.

To learn more about exactly how each authentication method works, view the complying with sepaprice conceptual articles:

Password

Note

In Azure ADVERTISEMENT, a password is often one of the major authentication techniques. You can not disable the password authentication strategy. If you use a password as the major authentication element, increase the defense of sign-in events using Azure ADVERTISEMENT Multi-Factor Authentication.


The complying with extra confirmation approaches deserve to be supplied in particular scenarios:

Next off steps

To get began, check out the tutorial for self-company password reset (SSPR) and also Azure ADVERTISEMENT Multi-Factor Authentication.

To learn more around SSPR principles, view How Azure ADVERTISEMENT self-service password reset works.

To learn even more around MFA ideas, view How Azure AD Multi-Factor Authentication functions.

Find Out even more around configuring authentication methods using the lutz-heilmann.info Graph REST API.

See more: This Is Why I Hate Video Games It Appeals To The Male Fantasy

To testimonial what authentication methods are in usage, watch Azure ADVERTISEMENT Multi-Factor Authentication authentication strategy analysis via PowerShell.