Link to home
Start Free TrialLog in
Avatar of Jerry Seinfield
Jerry SeinfieldFlag for United States of America

asked on

MFA in Azure for a hybrid org

Hello Experts,

I would like to get your thoughts about implementing MFA in Azure for a Hybrid Organization [Azure- AD on-prem].

Id like to see the options for two and three factor and understand if we can choose our own combinations (Captcha, Text to Phone, Alternate email).

Can you please provide a brief explanation of all my different choices, and a nice graph or pic of each representation ? Please, do not only attach MS links on how to deploy MFA, and a single copy/paste?

PROS and CONS of each model to be implemented? Any gotchas on each option?

Thanks in advance
Avatar of Vasil Michev (MVP)
Vasil Michev (MVP)
Flag of Bulgaria image

Two-factor is the maximum you can get, and users have control over which method to use with Azure MFA. With the on-prem version you get the option to control which method they can use, but you are still limited to two-factor, that's including any other AD FS based 2FAs.

The methods you can choose from are phone call, SMS or using the app (and using a token in the on-prem version, you can also use SMS+PIN). There are no built-in methods to use a captcha or email address, but you can use the API to create such if needed.
ASKER CERTIFIED SOLUTION
Avatar of Mahesh
Mahesh
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial