2fa app fortnite

By | April 10, 2022

[music] Swetha Rai: Hello, and welcome to the Deep Dive Series on Azure Ad Architecture. I’m Swetha Rai, and I work for Microsoft’s Azure Ad Engineering team as a program manager. And my name is James Poindexter, and I’m a Program Manager on the Azure Ad Engineering Team. Swetha: We’re a part of the Customer Experience Team, and we help businesses and enterprises all over the world deploy our services and migrate to the cloud. A Lot Of People Have Asked Us How Azure Works.

We’ll show you how advertising works under the hood throughout this architecture series. The Registration Process For Passwordless Phone Sign-in On The Device Using The Microsoft Authenticator Was Covered In The Previous Video. We’ll take a closer look at the process that occurs when a user signs in with Microsoft Authenticator in today’s session. We’re assuming that the user has already registered at this point.

For Sign-in via Phone Without a Password If you’d like to learn more about this process, watch our previous video on registering for Microsoft Authenticator Passwordless Authentication or go to Akamai. ms/no-password So, let’s say our user wants to sign into their work account to access a company resource, but they haven’t authenticated yet. But not yet Users are presented with a number after typing their username on the web page and selecting Next, and are prompted to match that number on their mobile device. They will be granted access instead of having to use their password if they are successful. Let’s take a look at what’s going on behind the scenes now. Our user in the previous example wants to

Obtain a Company Resource Authentication Services determines that the user is attempting to sign in using Microsoft Authenticator when they type in their User Principal Name and submit it to Azure Ad. Following authentication, services will generate a few items. It Will Create A Session For This Authentication To Begin With. It will also produce a set of three pseudo-randomly generated two-digit numbers. One number will be sent to the browser to be displayed on the web page, while the remaining three numbers will be sent to the Authenticator App via a push notification via the Apple or Google Cloud Messaging Systems. The user is then given three numbers to choose from. Complement The Number Displayed On The Browser The user can also choose to refuse the request, which will end the session and, as a result, the authentication process. When a user selects the code displayed in the Authenticator, they will be taken to a page where they can enter their information. Then you’ll be asked for the device.

Biometric Gesture Or Pin The Device Pin or Biometric Gesture Is Used To Gain Access To The Device’s Private Key. Swetha: So, James, why do we require the user to match the number when the private key can only be accessed via the device pin or biometrics? James: Excellent question. From a technical standpoint, the Private Sector

Only the device pin or biometrics can be used to unlock and access keys. This extra step is nothing more than proof of presence.

To Avoid Accidentally Approving The Wrong Notification, Make Sure You’re In Front Of The Browser. The Private Key Is Then Used To Sign A Nonce And It Is Then Returned To

Authentication Services, which checks if the user correctly matched the number on the authenticator and verifies the signed node. Finally, Authentication Services generates a token and presents it to the browser after validating the signed none and the number selected by the user. The User Is Authenticated To Access The Resource At This Point, And The Flow Is Completed. Swetha: We Hope This Video Was Beneficial To You. We’ll also be adding more videos on Passwordless, including offerings like Windows Hello for Business and Fido2 Security Keys, as well as other topics like provisioning and governance. If You Really Want To If you’d like a copy of the diagrams we used today, or if you’d like to provide feedback and assist us in determining what to cover, please click the link in the description below. Thank you for watching, James. Swetha: I appreciate it. You, on the other hand, [instrumental music]