Episode
Using phishing resistant creds | Protect identities and secrets
with Sarah Young, Michael Howard, Nick Wryter
In this episode, Sarah Young, Principal Security Advocate and Michael Howard, Senior Director Microsoft Red Team discuss with guest Nick Wryter, Principal Product Manager Identity about the use of phishing resistant authentication methods in Microsoft Entra ID such as certificate-based authentication, Windows Hello for Business, FIDO2 security keys, and Microsoft Authenticator passkeys, what they are, how they work and why you should use them, as part of the Protect identities and secrets pillar of the Secure Future Initiative.
Chapters
- 00:00 - Introduction
- 01:04 - What are phishing resistant credentials
- 03:00 - Technical details of phishing resistant credentials
- 04:57 - What are passkeys
- 05:41 - Demo: setting up phishing resistant credentials in the Azure Portal
- 07:53 - Demo: registering a passkey on Microsoft Authenticator
- 09:53 - Wrap up and further learning
Recommended resources
- For more details on our customer recommendations for implementing the Secure Future Initiative in your environment
- Get started with a phishing-resistant passwordless authentication deployment in Microsoft Entra ID
- Phishing resistant authentication in Microsoft Entra ID
- Plan a phishing-resistant passwordless authentication deployment in Microsoft Entra ID
Connect
- Sarah Young | Twitter/x: @_sarahyo
- Michael Howard | Twitter/x: @michael_howard
- Nick Wryter | Twitter/X: @wryterwrites
In this episode, Sarah Young, Principal Security Advocate and Michael Howard, Senior Director Microsoft Red Team discuss with guest Nick Wryter, Principal Product Manager Identity about the use of phishing resistant authentication methods in Microsoft Entra ID such as certificate-based authentication, Windows Hello for Business, FIDO2 security keys, and Microsoft Authenticator passkeys, what they are, how they work and why you should use them, as part of the Protect identities and secrets pillar of the Secure Future Initiative.
Chapters
- 00:00 - Introduction
- 01:04 - What are phishing resistant credentials
- 03:00 - Technical details of phishing resistant credentials
- 04:57 - What are passkeys
- 05:41 - Demo: setting up phishing resistant credentials in the Azure Portal
- 07:53 - Demo: registering a passkey on Microsoft Authenticator
- 09:53 - Wrap up and further learning
Recommended resources
- For more details on our customer recommendations for implementing the Secure Future Initiative in your environment
- Get started with a phishing-resistant passwordless authentication deployment in Microsoft Entra ID
- Phishing resistant authentication in Microsoft Entra ID
- Plan a phishing-resistant passwordless authentication deployment in Microsoft Entra ID
Connect
- Sarah Young | Twitter/x: @_sarahyo
- Michael Howard | Twitter/x: @michael_howard
- Nick Wryter | Twitter/X: @wryterwrites
Have feedback? Submit an issue here.