Tag: Entra ID

Phishing keeps bypassing legacy MFA. Reverse-proxy kits intercept one-time codes and session cookies, allowing attackers to sidestep prompts entirely. Microsoft Entra ID’s phishing-resistant MFA blocks this by binding sign-in to a device-backed key, such as passkeys, FIDO2 security keys, or Windows Hello for Business and requiring real user presence. You can pilot it in Report-only […]

Temporary Access Pass and custom banned passwords in Microsoft Entra ID Temporary Access Pass (TAP) and custom banned passwords strengthen sign-in security in Microsoft Entra ID. Used together with Self-Service Password Reset (SSPR) and the My Staff portal, they reduce helpdesk load while enforcing strong password rules. This guide explains what they do, how to […]

Break glass accounts exist for moments like this “My entire Microsoft 365 organisation is down. I can’t even log in as the admin.” This was the cry for help from a sysadmin whose tenant became completely inaccessible due to a misconfigured MFA policy. Microsoft Teams? Down. SharePoint? Inaccessible. Admin centre? Locked out. Even the global […]