Select Page

10 Reasons to Love Passwordless #3: Why biometrics and passwordless are a dream combination

The Microsoft identity team recently launched a series explaining why they love passwordless authentication (and why you should too!).The series kicked off with posts on FIDO and NIST compliance. Alex Weinert continues the series with this post speaking to biometric ... continue reading
11.png

Granular Conditional Access for sensitive data and actions

Today I am excited to share how you can maximize user productivity AND protect your most sensitive resources with Conditional Access authentication context. Conditional Access is the Zero Trust control plane that allows you to target policies for access to ... continue reading

10 Reasons to Love Passwordless #9: Onboard without a password

In this series, Microsoft identity team members share their reasons for loving passwordless authentication (and why you should too!). Alex Weinert continues the series with this post in which he describes how much customers are going to benefit from Temporary ... continue reading
7.png

10 Reasons to Love Passwordless #7: Authenticator app for easy phone sign-in

In this series, Microsoft identity team members share their reasons for loving passwordless authentication (and why you should too!). Today, Alex Weinert continues this series. In previous blogs in this series, we shared how passwords lead to breaches, lost productivity ... continue reading

Ten Reasons to Love Passwordless #3: Why biometrics and passwordless are a dream combination

The Microsoft identity team recently launched a series explaining why they love passwordless authentication (and why you should too!).The series kicked off with posts on FIDO and NIST compliance. Alex Weinert continues the series with this post speaking to biometric ... continue reading
AccessWorkbook.png

Azure AD workbook to help you assess Solorigate risk

In the interest of helping customers concerned about the Solorigate attacks we are publishing a new workbook in the Azure AD admin portal to assist investigations into the Identity Indicators of Compromise related to the attacks. The information in this ... continue reading
Graph.png

Understanding “Solorigate”‘s Identity IOCs – for Identity Vendors and their customers.

Microsoft recently disclosed a set of complex techniques used by an advanced actor to execute attacks against several key customers. While we detected anomalies by analyzing requests from customer environments to the Microsoft 365 cloud, the attacks generalize to any ... continue reading
Protecting Microsoft 365 from on-premises attacks

Protecting Microsoft 365 from on-premises attacks

Many customers connect their private corporate networks to Microsoft 365 to benefit their users, devices, and applications. However, there are many well-documented ways these private networks can be compromised. As we have seen in recent events related to the SolarWinds ... continue reading

It’s Time to Hang Up on Phone Transports for Authentication

In my blog Your Pa$$word doesn't matter, I laid out the key password vulnerabilities, and in response to a gazillion “but other creds can be compromised, too” DMs and emails, I wrote All our creds are belong to us, where ... continue reading
DBada_0-1603483682309.png

Advancing Password Spray Attack Detection

Hey folks, In this blog, I am going to tell you about an amazing addition to our family of credential compromise detection capabilities – this one uses our machine learning technology and global signal to create incredibly accurate detection of ... continue reading