Secure access to resources with multifactor authentication
Azure AD is now part of Microsoft Entra
Step into tomorrow with Microsoft Entra, the new family of multicloud identity and access products to help you secure access for a connected world.
What is multifactor authentication (MFA)?
Multifactor authentication (MFA) adds a layer of protection to the sign-in process. When accessing accounts or apps, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone.
Why use multifactor authentication (MFA)?
It’s more secure than passwords
In most identity attacks, it doesn’t matter how long or complex your passwords are.
Some types of multifactor authentication (MFA) are stronger than others
Make sure your credentials for high-risk accounts are resistant to phishing and channel jacking.
Passwords are making you vulnerable
Protect your business from common identity attacks with one simple action.
Multifactor authentication in Azure AD
Azure AD offers a broad range of flexible multifactor authentication (MFA) methods—such as texts, calls, biometrics, and one-time passcodes—to meet the unique needs of your organization and help keep your users protected.
Choose the right technology
Azure AD multifactor authentication (MFA) works by requiring two or more verification methods.
Approve sign-ins from a mobile app using push notifications, biometrics, or one-time passcodes. Augment or replace passwords with two-step verification and boost the security of your accounts from your mobile device.1
Windows Hello for Business
Replace your passwords with strong two-factor authentication (2FA) on Windows 10 devices. Use a credential tied to your device along with a PIN, a fingerprint, or facial recognition to protect your accounts.
FIDO2 security keys
Sign in without a username or password using an external USB, near-field communication (NFC), or other external security key that supports Fast Identity Online (FIDO) standards in place of a password.
Automatically generate a one-time password (OTP) based on open authentication (OATH) standards from a physical device.
Use the Microsoft Authenticator app or other apps to generate an OATH verification code as a second form of authentication.
SMS and voice
Receive a code on your mobile phone via SMS or voice call to augment your password security.
Take a deep dive into Azure AD multifactor authentication (MFA) solutions
Get the Azure multifactor authentication adoption kit
Use this all-in-one guide to help you plan, test, and deploy Azure multifactor authentication in your organization.
Passwordless authentication can make multifactor authentication (MFA) more secure and convenient using new factors based on FIDO standards.
Inform your organization
Roll out multifactor authentication (MFA) using these customizable posters, emails, and other templated materials.
Your Pa$$word doesn't matter
Find out what the major attacks on passwords are and how the password itself factors into the equation.