Phishing keeps bypassing legacy MFA. Reverse-proxy kits intercept one-time codes and session cookies, allowing attackers to sidestep prompts entirely. Microsoft Entra ID’s phishing-resistant MFA blocks this by binding sign-in to a device-backed key, such as passkeys, FIDO2 security keys, or Windows Hello for Business and requiring real user presence. You can pilot it in Report-only […]

Microsoft Entra passkeys are no longer something you can quietly ignore and “come back to later”. They are being pushed into tenants, surfaced during registration campaigns, and slowly becoming the direction Microsoft wants They are being surfaced more often in the platform, registration campaigns can bring them in front of users earlier than expected, and […]

Conditional Access (CA) policies are one of the strongest defences in Microsoft Entra ID , but they can also be dangerous when misconfigured. A single mistake can lock out every user, including your global administrators. That’s why the What-If Tool exists. It allows you to test Conditional Access policies safely before enforcing them, helping you […]