Category: Microsoft Entra

Phishing keeps bypassing legacy MFA. Reverse-proxy kits intercept one-time codes and session cookies, allowing attackers to sidestep prompts entirely. Microsoft Entra ID’s phishing-resistant MFA blocks this by binding sign-in to a device-backed key, such as passkeys, FIDO2 security keys, or Windows Hello for Business and requiring real user presence. You can pilot it in Report-only […]

Temporary Access Pass and custom banned passwords in Microsoft Entra ID Temporary Access Pass (TAP) and custom banned passwords strengthen sign-in security in Microsoft Entra ID. Used together with Self-Service Password Reset (SSPR) and the My Staff portal, they reduce helpdesk load while enforcing strong password rules. This guide explains what they do, how to […]

Automate onboarding and offboarding with Microsoft Entra Lifecycle Workflows Microsoft Entra Lifecycle Workflows lets you automate user onboarding, role changes and offboarding so access is provisioned and removed on time, every time. This guide covers prerequisites, setup for onboarding and offboarding, and the checks to keep runs reliable. Never miss an article and subscribe This […]

Break glass accounts exist for moments like this “My entire Microsoft 365 organisation is down. I can’t even log in as the admin.” This was the cry for help from a sysadmin whose tenant became completely inaccessible due to a misconfigured MFA policy. Microsoft Teams? Down. SharePoint? Inaccessible. Admin centre? Locked out. Even the global […]