Secure access to resources with multifactor authentication
Help protect your organization against breaches due to lost or stolen credentials with strong authentication. Secure any app with just one step.
What is multifactor authentication (MFA)?
Multifactor authentication (MFA) adds a layer of protection to the sign-in process. When accessing accounts or apps, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone.
Why use multifactor authentication (MFA)?
Multifactor authentication in Azure AD
Azure AD offers a broad range of flexible multifactor authentication (MFA) methods—such as texts, calls, biometrics, and one-time passcodes—to meet the unique needs of your organization and help keep your users protected.
Azure AD multifactor authentication (MFA) helps safeguard access to data and apps while maintaining simplicity for users. It provides additional security by requiring a second form of verification and delivers strong authentication through a range of easy-to-use validation methods.
Choose the right technology
Azure AD multifactor authentication (MFA) works by requiring two or more verification methods.
Microsoft Authenticator
Approve sign-ins from a mobile app using push notifications, biometrics, or one-time passcodes. Augment or replace passwords with two-step verification and boost the security of your accounts from your mobile device.
Windows Hello for Business
Replace your passwords with strong two-factor authentication (2FA) on Windows 10 devices. Use a credential tied to your device along with a PIN, a fingerprint, or facial recognition to protect your accounts.
FIDO2 security keys
Sign in without a username or password using an external USB, near-field communication (NFC), or other external security key that supports Fast Identity Online (FIDO) standards in place of a password.
Hardware tokens
Automatically generate a one-time password (OTP) based on open authentication (OATH) standards from a physical device.
Software tokens
Use the Microsoft Authenticator app or other apps to generate an OATH verification code as a second form of authentication.
SMS and voice
Receive a code on your mobile phone via SMS or voice call to augment your password security.