Entries:
Comments:
Posts:

Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Channel 9 Live: Cloud for IT Professionals

Download

Right click “Save as…”

  • MP3 (Audio only)
  • MP4 (iPhone, Android)
  • High Quality MP4 (iPad, PC, Xbox)
  • Mid Quality MP4 (Windows Phone, HTML5, iPhone)

Rick with Corey Sanders, Principal Group Program Manager, Windows Azure.

Follow the Discussion

  • Could Azure include OTP two-factor authentication (like AWS) for login into portal?

    Answer by Corey Sanders in the video at minute 23:24.

  • Two-factor authentication must comply, at least: 1) "something only the user knows" (aka password), 2) "something only the user has".

    Two-factor authentication with phone or email are not effective because communication can be "known" by the service provider. Phone and email ARE NOT "something only the user has"

  • I found the following interesting article:

    "Leverage Windows Azure Multi-Factor Authentication with Windows Azure AD", Philippe Beraud, Microsoft France

    This white paper explains the differents options for Multi-factor authentication in Azure AD. In fact the Time-based One Time Password athentication (TOTP) (RFC 6238) is supported by Azure using a mobile app, but not using a token device.

    On the other hand, AWS can use a mobile app or a token device (Gemalto), wich is much more secure because secret key is stored in a secure memory into token device.

Remove this comment

Remove this thread

close

Comments Closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.