Passwordless Authentication, Part 2: Temporary Access Pass, Security Key enrollment & Windows-Sign in

In my previous blogpost I demonstrated a basic enrollment of Passwordless authentication into Azure AD with a FIDO2 Security Key. Generally speaking, common use cases for FIDO2 certified hardware keys are as follows: Strong AuthenticationSecuring Privileged AccountsPasswordless AuthenticationShared DevicesPersonal Security…

Passwordless Authentication, Part 1: Azure Active Directory & Yubikey

Passwordless Authentication today can be achieved using different methods towards different services. There has been work going on for several years now between different companies and vendors to establish a new authentication standard where goals have been to increase both…

Getting started with Intune App Protection and App Data Protection configuration framework

In this blog post I will go through the basics of App Protection Policies in Intune, the App Data Protection configuration framework and guide you in how to import related data-protection templates for Intune App Protection into your Intune tenant.…

Attack Surface Reduction

In this blog post I will go through some of the different configuration options available for Attack Surface Reduction using Endpoint Manager (Intune), Defender for Endpoint and analyzing the rules locally using Powershell. Short introductionAttack Surface Reduction Rules in Windows…

Manage authentication method (MFA in AzureAD, telephone-number)

Finally some new capabilites for us in regards to displaying, changing and turning off MFA-configurations for users. My past post regarding MFA-status can be read here which utilized Get-Msoluser. Now, Microsoft has released a new set of commands in the…

Check MFA-Status of Users (Powershell)

Finding information about MFA on a user in Azure Active Directory can be achieved in mutiple ways. Here, I will describe an easy way of finding MFA-information (registered, and by which method) by using Powershell, the cmdlet Get-Msoluser and its…