Channel 9 Live: Final TechEd Countdown Show
Description
Rick with Corey Sanders, Principal Group Program Manager, Windows Azure.
Share
Download
Event Homepage
TechEd North America 2014More episodes in this series
Channel 9 Live: Wally Mead - Then and Now
Related episodes
Update on Azure IaaS
Azure IaaS Virtual Machines Inside Out
Azure IaaS (and More) Update
Open Q&A: About Microsoft Azure
Azure Compute: New features and roadmap
Distributed Applications with Docker and Service Fabric
Developer Panel with Julia Liuson, Scott Hanselman, Miguel de Icaza and others
Live Q&A: Microsoft Azure with Corey Sanders
Futures Directions of the Cloud, Q&A with Corey Sanders
How to build highly scalable IaaS Solutions
The Discussion
-
carlospinedag Could Azure include OTP two-factor authentication (like AWS) for login into portal?
Answer by Corey Sanders in the video at minute 23:24.
-
carlospinedag Two-factor authentication must comply, at least: 1) "something only the user knows" (aka password), 2) "something only the user has".
Two-factor authentication with phone or email are not effective because communication can be "known" by the service provider. Phone and email ARE NOT "something only the user has"
-
carlospinedag I found the following interesting article:
"Leverage Windows Azure Multi-Factor Authentication with Windows Azure AD", Philippe Beraud, Microsoft France
This white paper explains the differents options for Multi-factor authentication in Azure AD. In fact the Time-based One Time Password athentication (TOTP) (RFC 6238) is supported by Azure using a mobile app, but not using a token device.
On the other hand, AWS can use a mobile app or a token device (Gemalto), wich is much more secure because secret key is stored in a secure memory into token device.