Late last year I saw an unexpected UX failure when adding a new Microsoft Authenticator app as the MFA method. It appears that a few months later the issue still persists.
Resolving Microsoft Authenticator Timeout
· 3 min read
4 posts tagged with "ms365"
View All TagsMicrosoft Graph Powershell and the dreaded Admin Consent
· 5 min read
As of the end of June 2023 March 2024, Powershell modules AzureAD, AzureADPreview, and MSOnline will be deprecated. The provided replacement is Microsoft Graph Powershell.
However, you may be surprised to find out just what's required in order to get it working, and may find that you need to re-evaluate your Powershell automation projects.
Bypassing MFA with Phishing, Part 2
· 4 min read
Following from the prior post discussing MFA use cases and bypasses, this post expands on the prior article and adds further ideas on protecting your users' identities.
Bypassing MFA with Phishing, Part 1
· 5 min read
Ever since Multi Factor Authentication (MFA) started gaining popularity as a means to limit the usefulness of stolen credentials, it was only a matter of time before attackers adapted to the new reality (as demanded by the Red Queen Effect).
In this article I look at common MFA methods that are not phishing resistant, as well as a recent attack that bypasses MFA.
Check the follow-up post for a different take on bypassing MFA and the resulting implications.