Configuring Phishing-Resistant MFA
To ensure that a Conditional Access policy enforces phishing-resistant MFA, you must configure the Grant control. Within the Grant control, you can select the option to Require multifactor authentication and then specify the authentication strength to include methods like FIDO2 security keys, which are considered phishing-resistant. This directly enforces the requirement for users to provide a valid, secure form of authentication that is resistant to phishing attacks before they can access the resource.
No comments:
Post a Comment