Introduction
One of the main features of an identity platform is to verify, or authenticate, credentials when a user signs in to a device, application, or service. In Microsoft Entra ID, authentication involves more than just verifying a username and password. To improve security and reduce the need for help desk assistance, Microsoft Entra authentication includes the following components:
- Self-service password reset
- Multifactor authentication
- Hybrid integration to write password changes back to on-premises environment
- Hybrid integration to enforce password protection policies for an on-premises environment
- Passwordless authentication
- Authentication to virtual machines
This module examines these components and explains how to plan, implement, and manage user authentication in Microsoft Entra ID.
Learning objectives
In this module, you will:
- Administer authentication methods (FIDO2/Passwordless).
- Implement an authentication solution based on Windows Hello for Business.
- Configure and deploy self-service password reset.
- Deploy and manage password protection and smart lockouts.
- Implement Kerberos and certificate-based authentication.
- Configure Microsoft Entra user authentication to virtual machines.