Great presentation Andy, interesting stuff!
Many thanks!
Hi Andy, can you make a video on Intune, especially for hybrid joined domain PCs? Enjoyed your video as always.
Pretty please??
Brilliant information
Glad you think so!
Great content!
Dope stuff, Andy
Microsoft Entra ID is changing every minute and day, you can't keep up with the changes and new updates!
Practice practice :-)
I feel you on that one, but like sir Andy says, practice practice. IT is the one field you are guaranteed to have to learn for life. It's a passion we get paid to follow!
Could not have come at a more perfect time! 🙌
We are so tired of our users clicking phishing links, entering their 365 passwords when prompted and getting their MFA token stolen from their browsers. We thought MFA would solve compromised mailboxes but bad actors always find a way...
If I may be so bold as to suggest some user training. Incorporate this into your security awareness program. Microsoft also has an excellent attack simulator that you can use.
Perfect explanation. Thank you for being who you are!
Thanks!
Thanks so much :-)
Another top quality video. Thank you Andy!
Great info, Imma have to watch this a few more times to get all that info in my thick skull. Thank you sir Andy!
Have you gotten passkeys on mobile via the MS authentication app to work?
Yes
@AndyMaloneMVP when I go to add a security key, I only see usb or nfc device 😢
When is Entra going to completely remove a user’s password like a consumer can currently with an outlook/hotmail account? Currently passwordless still lets someone keep clicking on a sign-in "more options" until they can get a prompt for password. Passwordless really isn’t that at this time.
Coming soon
So….. when does passkey support come to Microsoft 365? We are a few months behind schedule already
I totally agree with you 😊 I asked the very same question just a month ago in Redmond. It’s coming soon was the answer 😉
@AndyMaloneMVP I’ve been testing the passwordless experience for Windows and saw the option to use a companion device for login. Do you have some insight into how that works? Passwordless experience basically removes the option to log in using passwords. But how does the companion device work and what devices do they refer to?
Super cool, how to implement for device logon? 😁
Coming soon🙂
Hi, as a Microsoft partner, do you know the way to contact Microsoft when all your Microsoft Business Premium accounts are said not to exist? We have been facing this issue since Friday but until now can't get in touch with the appropriate support to help us solve the issue. Thanks
I feel for you. Support can be a nightmare. Keep trying though, they will come back to you.
@AndyMaloneMVP Okay thanks
Thanks for your videos. The audio sounds a bit muffled.
I recorded this one in a hotel, my apologies.
Does this deal with the weakness around session cookies being stolen that has been an issue recently?
This is no longer an issue as you can fix this issue by using conditional access. I covered this recently in my security video.
@AndyMaloneMVP ah OK, that's good to hear!
And how does this work with people who are using AD on-premise?
It does not yet. See upcoming Windows 2025
This solution is inherently a cloud based solution using Entra. It has no relevance to AD on-premise. The underlying thought process is that AD on-premise is generally used on an internal network protected by a firewall. 365 authentication goes out over the public internet which has much more inherent risk, and Microsoft is developing authentication protection like phishing resistant MFA to encourage people to trust 365. You can use phishing resistant MFA on premise, like Windows Hello for Business, and others using 3rd party solutions. But this is a Microsoft Entra/cloud specific video.
Why do all Microsoft people use Mac and not windows?
Trust me once you go Mac you’ll never go back 👍
Entra can't ever stay still lol
So now scammers can "prove" who they are by stealing devices... 😂😂😂
No! Passwords are the standard for a reason. If you somehow unlock my phone, you still have to figure out the passwords for each of my accounts. Passkeys offer no such protection. Once the hacker gets past layer one, you're screwed.
I'll stick with passwords.
Scammers would not be able to prove who they are because this type of MFA is linked to biometrics not passwords