ASD's Blueprint for Secure Cloud

Authentication strengths

This page describes the configuration of authentication strengths within Microsoft Entra ID associated with systems built according to the guidance provided by ASD's Blueprint for Secure Cloud.

Estimated reading time: 1 minute

ItemValue
Phishing-resistant MFA and TAP
NamePhishing-resistant MFA and TAP
Phishing-resistant MFAWindows Hello For Business
Passkeys (FIDO2)
Certificate-based Authentication (Multifactor)
Multifactor authenticationTemporary Access Pass (One-time use)
Temporary Access Pass (Multi-use)

New authentication strengths can take some time to appear for use in Conditional Access policy drop-downs.

Security & Governance

Design

Configuration

References

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra