Microsoft has released a few new Administrator roles in Azure AD, one of them is the Authentication Administrator, that allows delegation of MFA reset in Azure Active Directory without building custom solutions.The Authentication Administrator roles is allowed to view, set and reset authentication method information for any non-admin user.Authentication Administrators can require users to re-register against existing non-password credential (for example, MFA or FIDO) and revoke “remember MFA on the device”, which prompts for MFA on the next sign-in.More information: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#authentication-administrator/Enjoy+Ronni Pedersen
Browsing: Password
Two weeks ago, at Microsoft Ignite in Orlando, Microsoft announced the public preview of Password-less phone sign-in. We enabled this feature right after the session in our company tenant, and we have all been super excited about this cool way of signing in. One big step closer to a more secure and password less world. This blog post will explain how to configure password-less phone sign-in and how to enable this feature for your users. Please note that this is still a pre-release feature. Prepare the Tenant First we need to install the latest version the of Azure Active Directory…
Today I was presenting at Microsoft IT Camp, and an question about why BitLocker should always be implemented came up. So I showed this simple demo on how Windows (and other operating systems) can be hacked, if the disk is left unencrypted. The demo was showed on the latest version of Windows 8.1 Update with all updates installed. Some of the students asked for en guide, so they could show the demo where they work, so here it is… Login using a standard user account Show that the Local Administrator Account is disabled Restart the computer, and boot from a…