We currently are using Azure AD for O365 and will eventually do the AD connect.
With the MFA function does the MFA require you to log in on a desktop then brings up the second authentication?
Does MFA protect the desktop or only the O365 apps?
We currently are using Azure AD for O365 and will eventually do the AD connect.
With the MFA function does the MFA require you to log in on a desktop then brings up the second authentication?
Does MFA protect the desktop or only the O365 apps?
@JackieButler-5216
I wanted to follow up and know if the below response helped in answering your query. If it did, please accept the appropriate response as answer for the benefit of community. If it did not, please let us know so that we can help you further.
MFA protects the 365 apps and portal access so you wont prompted till you access the Azure/365 portals or apps.
MFA Desktop protection can managed with Windows Hello:
https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-identity-verification
or with Virtual Desktop:
https://docs.microsoft.com/en-us/azure/virtual-desktop/set-up-mfa
If the device doesn't have windows hello can MFA still be used to protect the desktop at sign in?
Not natively.
There are other solutions that require 3rd party software. Example:
https://james-rankin.com/articles/adding-microsoft-authenticator-mfa-to-windows-logon-using-manageengine-ad-self-service-plus/
4 people are following this question.