1. Home
  2. Training Library
  3. Microsoft Azure
  4. Courses
  5. Implementing Multi-Factor Authentication on Azure


Start course

Multi-factor authentication or MFA is no longer optional, and it is paramount that you protect not only your privileged accounts but enable it for all accounts. Azure Active Directory offers the ability to secure your identities with an additional authentication method. Verification of your identity can be done via an automated voice call, text message, through the Microsoft Authenticator app, or with a verification code.

Azure multi-factor authentication can be enforced using different methods. We will configure the user settings to give the ability to a user to report fraudulent attempts on their accounts. We will also review how an administrator can provide a one-time bypass code and whitelist trusted locations to bypass the two-step verification. Lastly, you will see how to configure Azure Active Directory conditional access to enforce MFA on cloud-based applications.

Learning Objectives

  • Identify the different methods of enabling two-step verification
  • Configure multi-factor authentication for users
  • Configure settings for MFA
  • Implement Azure Active Directory conditional access for MFA

Intended Audience

  • People who want to become Azure administrators
  • People preparing for Microsoft’s AZ-303 exam


  • General knowledge of Azure Active Directory

Related Training Content

To see more Microsoft Azurecontent, visit our Azure Training Library.


I hope you enjoyed learning about implementing Multi-Factor Authentication on Azure. Let's review what you learned in this course. Azure Multi-Factor Authentication adds additional security by requiring a second form of authentication and is delivered via a range of easy-to-use authentication methods. The second form of authentication can be an automated voice call, or an SMS message containing a verification code, or a notification through the Microsoft Authenticator app, or using verification codes using the authenticator app or a third party app. Azure multi-factor authentication can be enabled through Azure Active Directory by changing the user state. All users start off as disabled and the administrator can enable multi-factor authentication on a per-user basis. 

Once the user has completed the registration process, the user state changes to enforced. Azure multi-factor authentication includes the ability to report fraud alerts. This empowers a user to proactively report attempts of someone trying to use their account. Users can report fraud alerts through the Microsoft Authenticator app by denying the approve request or when receiving the automated phone call by entering the fraud code. In the event you are unable to provide the second form of authentication, you can contact your administrator for a one-time bypass code to bypass the two-step verification. Trusted IPs feature of Azure's multi-factor authentication is configured by your administrator to bypass two-step verification for users who sign in from the corporate network, but will be prompted by multi-factor authentication elsewhere. Azure Active Directory conditional access enables you to enforce controls on access to cloud-based application based on a set of defined conditions. 

With conditional access, we can enforce the use of multi-factor authentication to cloud-based application like the Azure portal when not accessing it from the corporate network. To learn more about implementing and managing Multi-Factor Authentication, be sure to read Microsoft documentation. Be sure to also watch for new Microsoft Azure courses on Cloud Academy because we're always publishing new courses. Please give this course a rating and if you have any questions or comments, please let us know. Thanks for watching and happy learning.

About the Author

With over 15 years of experience in the IT industry, Eric Leonard is a Microsoft Azure MVP and a Cloud Solution Architect. Eric’s experience working with Microsoft technologies, with a strong emphasis on cloud and automation solutions, enables his clients to succeed in today’s technological environment. Eric has worked for clients in a variety of different industries including large and small enterprises, the public sector, professional services, education, and communications.

When he is not working, Eric believes in sharing his knowledge and giving back to the IT community. He is the co-organizer of the Ottawa IT community meetup, which has over 1,000 members, and he enjoys presenting and mentoring in the community.