Multifactor authentication in Azure AD
Strengthen security and reduce costs with Microsoft Entra
Hear Joy Chik, Microsoft Corporate Vice President for Identity, share the latest identity and access announcements in governance, workload identities, strong authentication, and new tools for upgrading from Active Directory Federation Services (AD FS) to Azure AD.
Help secure access to resources with multifactor authentication
Use stronger security than passwords alone
Long or complex passwords can be easily compromised in an identity attack. Get more protection with MFA.
Protect your users from credential theft
Make sure your credentials for high-risk accounts are resistant to phishing and channel jacking.
Secure your resources against unauthorized access
Verify user identities before granting access to your resources.
Ensure a seamless user experience
Reduce friction and simplify security to empower your users.
What is MFA?
Help protect your business from common identity attacks with one simple action.
Multifactor authentication methods in Azure AD
Use various MFA methods with Azure AD—such as texts, biometrics, and one-time passcodes—to meet your organization’s needs.
Microsoft Authenticator
Approve sign-ins from a mobile app using push notifications, biometrics, or one-time passcodes. Augment or replace passwords with two-step verification and boost the security of your accounts from your mobile device.
FIDO2 security keys
Sign in without a username or password using an external USB, near-field communication (NFC), or other external security key that supports Fast Identity Online (FIDO) standards in place of a password.
Certificate-based authentication
Enforce phish-resistant MFA authentication using personal identity verification (PIV) and common access card (CAC). Azure AD users can authenticate using X.509 certificates on their smartcards or devices directly against Azure AD for browser and application sign-in.
See what Azure AD customers are saying
Azure AD Multifactor Authentication
Choose the best Azure AD option for your business
- Azure AD Free: The free edition of Azure AD is included with a subscription of a commercial online service such as Azure, Dynamics 365, Intune, and Power Platform.1
- Azure AD Premium P1: Azure AD Premium P1, included with Microsoft 365 E3, offers a free 30-day trial. Azure and Office 365 subscribers can buy Azure AD Premium P1 online.
- Azure AD Premium P2: Azure AD Premium P2, included with Microsoft 365 E5, offers a free 30-day trial. Azure and Office 365 subscribers can buy Azure Active Directory Premium P2 online.
- Office 365: Additional Azure AD features are included with Office 365 E1, E3, E5, F1, and F3 subscriptions.2
Related Azure AD features
Conditional access
Apply the right access controls to keep your organization more secure.
Single sign-on
Connect your workforce to all your apps, from any location, using any device.
MFA documentation and training
Azure MFA adoption kit
Use this all-in-one guide to help you plan, test, and deploy Azure multifactor authentication in your organization.
Inform your organization
Roll out MFA using these customizable posters, emails, and other templated materials.
Use passwordless authentication
Make MFA more secure and convenient using new factors based on FIDO standards.
Webinar: Your Pa$$word Doesn't Matter
Learn about the major attacks on passwords and how passwords can play a role in these attacks.
Frequently asked questions
-
Multifactor authentication (MFA) adds a layer of protection to the sign-in process. When accessing accounts or apps, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone.
-
MFA works in Azure Active Directory by requiring two or more of the following authentication methods:
- A password
- A trusted device that's not easily duplicated, like a phone or hardware key
- Biometrics like a fingerprint or face scan
-
Multifactor authentication is a capability of Azure Active Directory.
Protect everything
- [1] The free edition of Azure AD is included with a subscription of a commercial online service such as Azure, Dynamics 365, Intune, and Power Platform in countries where they are available for sale.
- [2] Additional Azure AD features are included with Office 365 E1, E3, E5, F1, and F3 subscriptions in countries where they are available for sale.
Follow Microsoft