Channel 9 Live: Cloud for IT Professionals

Download this episode

Download Video

Download captions

Download Captions

Description

Rick with Corey Sanders, Principal Group Program Manager, Windows Azure.

Day:

1

Session Type:

Channel 9 Live

Code:

C9-03

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • User profile image
      carlospined​ag

      Could Azure include OTP two-factor authentication (like AWS) for login into portal?

      Answer by Corey Sanders in the video at minute 23:24.

    • User profile image
      carlospined​ag

      Two-factor authentication must comply, at least: 1) "something only the user knows" (aka password), 2) "something only the user has".

      Two-factor authentication with phone or email are not effective because communication can be "known" by the service provider. Phone and email ARE NOT "something only the user has"

    • User profile image
      carlospined​ag

      I found the following interesting article:

      "Leverage Windows Azure Multi-Factor Authentication with Windows Azure AD", Philippe Beraud, Microsoft France

      This white paper explains the differents options for Multi-factor authentication in Azure AD. In fact the Time-based One Time Password athentication (TOTP) (RFC 6238) is supported by Azure using a mobile app, but not using a token device.

      On the other hand, AWS can use a mobile app or a token device (Gemalto), wich is much more secure because secret key is stored in a secure memory into token device.

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.