Channel 9 Live: Final TechEd Countdown Show
Description
Rick with Corey Sanders, Principal Group Program Manager, Windows Azure.
Share
Download
Event Homepage
TechEd North America 2014More episodes in this series
Channel 9 Live: Wally Mead - Then and Now
Related episodes
Update on Azure IaaS
Azure IaaS Virtual Machines Inside Out
Azure IaaS (and More) Update
Cloud Migration App Development
App Modernization with Microsoft Azure
Why Developers Should Care about Infrastructure, an Executive Panel
Application modernization with Microsoft Azure
Azure Compute: New features and roadmap
Cloud trends and open Q&A with Mark Russinovich and Corey Sanders
Open Q&A: About Microsoft Azure
The Discussion
-
carlospinedag Could Azure include OTP two-factor authentication (like AWS) for login into portal?
Answer by Corey Sanders in the video at minute 23:24.
-
carlospinedag Two-factor authentication must comply, at least: 1) "something only the user knows" (aka password), 2) "something only the user has".
Two-factor authentication with phone or email are not effective because communication can be "known" by the service provider. Phone and email ARE NOT "something only the user has"
-
carlospinedag I found the following interesting article:
"Leverage Windows Azure Multi-Factor Authentication with Windows Azure AD", Philippe Beraud, Microsoft France
This white paper explains the differents options for Multi-factor authentication in Azure AD. In fact the Time-based One Time Password athentication (TOTP) (RFC 6238) is supported by Azure using a mobile app, but not using a token device.
On the other hand, AWS can use a mobile app or a token device (Gemalto), wich is much more secure because secret key is stored in a secure memory into token device.