What are Authentication Strengths?
Authentication strengths are a security control used in access management systems, particularly those offered by Microsoft Entra (formerly Azure Active Directory). It allows administrators to define the types of authentication methods users must employ to access specific resources. This adds an extra layer of security by ensuring access attempts use stronger authentication methods.
Here’s a breakdown of the key points:
- Conditional access: Authentication strengths work alongside Conditional Access policies. These policies define rules for user access based on various factors like location, device, and risk level.
- Focuses on method type: Authentication strengths don’t dictate specific passwords or credentials. Instead, they specify the type of authentication method required (e.g., password only, multi-factor authentication with specific factors).
- Security levels: Different authentication methods offer varying levels of security. For instance, a password alone is weaker than multi-factor authentication using a security key. Authentication strengths allow administrators to require stronger methods for accessing sensitive resources.
- Analogy: Imagine a high-security building with different access levels. A basic access card might grant access to a reception while a more sensitive area requires a fingerprint scan in addition to the swipe card. Authentication strengths function similarly, requiring stronger “authentication methods” for critical resources.
