{"id":1106,"date":"2020-11-06T21:31:08","date_gmt":"2020-11-06T21:31:08","guid":{"rendered":"https:\/\/regroove.ca\/stellark\/?p=1106"},"modified":"2023-02-24T17:49:27","modified_gmt":"2023-02-24T17:49:27","slug":"azure-mfa-using-hardware-tokens","status":"publish","type":"post","link":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/","title":{"rendered":"Azure MFA using hardware tokens"},"content":{"rendered":"\n

MFA (Multi factor authentication) <\/h4>\n\n\n\n
\n
\n
\"Word<\/figure>
\n

What is it?<\/strong><\/h3>\n\n\n\n

Something you know<\/strong> – password<\/p>\n\n\n\n

Something you have<\/strong> – phone or token<\/p>\n\n\n\n

Something you are<\/strong> – biometrics (fingerprint, face scan)<\/p>\n<\/div><\/div>\n<\/div>\n\n\n\n

What?<\/h2>\n\n\n\n

MFA is all the rage these days, and so it should be. It allows users to add multiple layers of security to protect their identity, their assets and their companies data and assets.<\/p>\n\n\n\n

So What?<\/h2>\n\n\n\n

Typical requirements for MFA usually require the user to have a mobile phone. This then enables calls, texts and applications such as the Microsoft Authenticator app to act as possible verification options during the MFA process.<\/p>\n\n\n\n

But what if the user doesn’t have a mobile phone? Or has one but doesn’t want to use their personal device for work?<\/p>\n\n\n\n

Enter the alternative option…Hardware Tokens<\/strong>!<\/p>\n\n\n\n

Now What?<\/h2>\n\n\n\n

Azure AD supports the use of OATH-TOTP SHA-1 tokens that refresh codes every 30 or 60 seconds. Customers can purchase these tokens from the vendor of their choice.<\/a><\/p>\n\n\n\n

We have looked at one vendor in particular called Token2<\/a><\/p>\n\n\n\n

They offer tokens that work with Azure AD MFA, they can be purchased as single tokens or as volume orders, the order process was simple and delivery (even during Covid-19) was relatively quick. <\/p>\n\n\n\n

They provided an encrypted\/zipped file that contained all the necessary information in .csv format (Azure AD .csv requirements)<\/a> to upload to Azure AD MFA. Once uploaded it was equally as easy to activate the token for the assigned user. <\/p>\n\n\n\n

NOTE: Before you upload the file you will need to edit it in notepad and enter the UPN of the user that will use the token. Do not edit in Excel else it will break functionality of the file once uploaded.<\/strong><\/p>\n\n\n\n

The token experience – My MFA Arsenal<\/h2>\n\n\n\n
\"\"
I started by uploading the .csv file to Azure AD. I wanted to be thorough in my review of these tokens so I tested a few different models.<\/figcaption><\/figure>\n<\/div>\n\n\n\n
\"\"
Once a token was activated it became available as an alternate method of authentication in my security settings of my user account<\/figcaption><\/figure>\n\n\n\n
\"\"
To use the new token for authentication I needed to change the Default sign-in method.
<\/figcaption><\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n\n\n\n

In conclusion…<\/h2>\n\n\n\n

Tokens provide an alternative to otherwise requiring mobile phones for MFA verification. <\/p>\n\n\n\n

Token2<\/a> in particular made the process easy to order, receive, upload information and configure the device for use.<\/p>\n\n\n\n

Their support process (something that is very, very important to me) was also quick (within an hour or less of submitting an email) and I was happily surprised when one of their support personnel even reached out to me via an MS Teams chat when I had questions.<\/p>\n","protected":false},"excerpt":{"rendered":"

MFA (Multi factor authentication) What is it? Something you know – password Something you have – phone or token Something you are – biometrics (fingerprint, face scan) What? MFA is all the rage these days, and so it should be. It allows users to add multiple layers of security to protect their identity, their assets … <\/a><\/p>\n","protected":false},"author":11,"featured_media":1118,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[77],"tags":[260,261,163,262,202,263],"acf":[],"yoast_head":"\nAzure MFA using hardware tokens - Stephanie Kahlam<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Azure MFA using hardware tokens - Stephanie Kahlam\" \/>\n<meta property=\"og:description\" content=\"MFA (Multi factor authentication) What is it? Something you know – password Something you have – phone or token Something you are – biometrics (fingerprint, face scan) What? MFA is all the rage these days, and so it should be. It allows users to add multiple layers of security to protect their identity, their assets …\" \/>\n<meta property=\"og:url\" content=\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/\" \/>\n<meta property=\"og:site_name\" content=\"Stephanie Kahlam\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-06T21:31:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-24T17:49:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png\" \/>\n\t<meta property=\"og:image:width\" content=\"526\" \/>\n\t<meta property=\"og:image:height\" content=\"526\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Stephanie Kahlam\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Stephanie Kahlam\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/\",\"url\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/\",\"name\":\"Azure MFA using hardware tokens - Stephanie Kahlam\",\"isPartOf\":{\"@id\":\"https:\/\/regroove.ca\/stellark\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png\",\"datePublished\":\"2020-11-06T21:31:08+00:00\",\"dateModified\":\"2023-02-24T17:49:27+00:00\",\"author\":{\"@id\":\"https:\/\/regroove.ca\/stellark\/#\/schema\/person\/175e89cb69612178b2ac838c0bab6149\"},\"breadcrumb\":{\"@id\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#primaryimage\",\"url\":\"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png\",\"contentUrl\":\"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png\",\"width\":526,\"height\":526},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Stellark Home\",\"item\":\"https:\/\/regroove.ca\/stellark\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Azure MFA using hardware tokens\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/regroove.ca\/stellark\/#website\",\"url\":\"https:\/\/regroove.ca\/stellark\/\",\"name\":\"Stephanie Kahlam\",\"description\":\"Microsoft 365 and SMB.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/regroove.ca\/stellark\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/regroove.ca\/stellark\/#\/schema\/person\/175e89cb69612178b2ac838c0bab6149\",\"name\":\"Stephanie Kahlam\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/regroove.ca\/stellark\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/398b95e23dc9eaf37a780b86a239b485?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/398b95e23dc9eaf37a780b86a239b485?s=96&d=mm&r=g\",\"caption\":\"Stephanie Kahlam\"},\"url\":\"https:\/\/regroove.ca\/stellark\/author\/skahlam\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Azure MFA using hardware tokens - Stephanie Kahlam","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/","og_locale":"en_US","og_type":"article","og_title":"Azure MFA using hardware tokens - Stephanie Kahlam","og_description":"MFA (Multi factor authentication) What is it? Something you know – password Something you have – phone or token Something you are – biometrics (fingerprint, face scan) What? MFA is all the rage these days, and so it should be. It allows users to add multiple layers of security to protect their identity, their assets …","og_url":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/","og_site_name":"Stephanie Kahlam","article_published_time":"2020-11-06T21:31:08+00:00","article_modified_time":"2023-02-24T17:49:27+00:00","og_image":[{"width":526,"height":526,"url":"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png","type":"image\/png"}],"author":"Stephanie Kahlam","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Stephanie Kahlam","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/","url":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/","name":"Azure MFA using hardware tokens - Stephanie Kahlam","isPartOf":{"@id":"https:\/\/regroove.ca\/stellark\/#website"},"primaryImageOfPage":{"@id":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#primaryimage"},"image":{"@id":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#primaryimage"},"thumbnailUrl":"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png","datePublished":"2020-11-06T21:31:08+00:00","dateModified":"2023-02-24T17:49:27+00:00","author":{"@id":"https:\/\/regroove.ca\/stellark\/#\/schema\/person\/175e89cb69612178b2ac838c0bab6149"},"breadcrumb":{"@id":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#primaryimage","url":"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png","contentUrl":"https:\/\/regroove.ca\/stellark\/wp-content\/uploads\/sites\/3\/2020\/11\/otp.png","width":526,"height":526},{"@type":"BreadcrumbList","@id":"https:\/\/regroove.ca\/stellark\/2020\/11\/06\/azure-mfa-using-hardware-tokens\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Stellark Home","item":"https:\/\/regroove.ca\/stellark\/"},{"@type":"ListItem","position":2,"name":"Azure MFA using hardware tokens"}]},{"@type":"WebSite","@id":"https:\/\/regroove.ca\/stellark\/#website","url":"https:\/\/regroove.ca\/stellark\/","name":"Stephanie Kahlam","description":"Microsoft 365 and SMB.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/regroove.ca\/stellark\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/regroove.ca\/stellark\/#\/schema\/person\/175e89cb69612178b2ac838c0bab6149","name":"Stephanie Kahlam","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/regroove.ca\/stellark\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/398b95e23dc9eaf37a780b86a239b485?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/398b95e23dc9eaf37a780b86a239b485?s=96&d=mm&r=g","caption":"Stephanie Kahlam"},"url":"https:\/\/regroove.ca\/stellark\/author\/skahlam\/"}]}},"_links":{"self":[{"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/posts\/1106"}],"collection":[{"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/comments?post=1106"}],"version-history":[{"count":8,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/posts\/1106\/revisions"}],"predecessor-version":[{"id":1387,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/posts\/1106\/revisions\/1387"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/media\/1118"}],"wp:attachment":[{"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/media?parent=1106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/categories?post=1106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/regroove.ca\/stellark\/wp-json\/wp\/v2\/tags?post=1106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}