Note-to-self: Short URL for app password in Azure MFA

When you enable MFA (Multifactor Authentication) in Azure, you can configure app passwords for applications that cannot work with the code generators, applications, phone apps to logon with MFA…

The source URL for it is: https://account.activedirectory.windowsazure.com/AppPasswords.aspx

But it’s very likely you can’t remember it anymore after a while, so train your brain for these bookmarks:

Also, these point to the same URL.

 

Advertisements

Note-to-self: You lost access to your initial Office 365 admin?

Although Microsoft has built in quite some methods to regain access to your 0365 tenant/account, you might have some bad luck one day… (experience talking here)

First of all you should try the default options, meaning : the password reset options.

The direct way to get there is the first link to bookmark: https://passwordreset.microsoftonline.com/

Another way to get there is in the 0365 logon page (also for Azure),

o365_1

If you forgot your password or can’t access the account, hit the link at the bottom.
You get directed to :

o365_2

If you know the logon, you can proceed to

o365_3

You notice that the verification is pointing to your alternative mail address or your mobile number…

But what if you forgot your original logon ID (mail address), eg in case you have setup a test tenant in 0365 with an mail address you don’t use frequently? (yes, that happens)

If that is not working or you need more help, check these options:

And if you really ran out of luck: you might raise a ticket and ask for help. https://portal.office.com/support/newsignupservicerequest.aspx

Anyway, as shown there are some options when configuring 0365 that should keep you out of trouble in the first place

  • make sure to add a mobile number to your user account
  • make sure to add a secondary email address to your account (not belonging to your O365 domain)
  • Configure and test MFA (multifactor Authentication), eg with the Authenticator app
  • add a secondary admin account with sufficient rights (with the same security measures!)

June 2017: @TroyHunt is back in Belgium for his workshop ‘Hack Yourself First’. Wanna join?

ZIONSECURITY will be welcoming Troy Hunt again. The 1st and 2nd of June, he will be leading a ‘Hack Yourself First’ workshop where he will teach professionals how to break into their own applications. Find out the program and register here!

#update: download the flyer with program and details here: Flyer Troy Hunt June.

I have been there the last time, it was great fun, lots of interaction. And I certainly would recommend you to join.

What if you really wanna join, but your boss is not willing to sponsor? (While he SHOULD!).
Or any other silly reason you can’t attend?

Well, you know, if you can provide me a very good, strong, original and unique argument why you MUST be at this workshop, you might be lucky.

You know the channels to reach out to me and test your luck.

Some suggestion, send me a direct message:
1. Comment on this post,

2. mail me, tweet me (direct message!), F@ceBook me, LinkedIn …

Convince me and it could be you sitting at the first row.

Note-to-Self: Microsoft Security Newsletter September 2014

Source: http://aka.ms/MSSecuritynewsletter

In this months newletter you’ll find guidance on:

  • Windows Phone 8.1 Security Overview
  • Windows Phone Security Forum for IT Pros
  • Create Stronger Passwords and Protect Them
    • Inlcuding  free online tool offered by Microsoft Research, called Telepathwords, for those that would rather have a randomly generated strong password created for them.
  • Two-Factor Authentication for Office 365
  • Multi-Factor Authentication for Office 365
  • Configuring Two-Factor Authentication in Lync Server 2013
  • Adding Multi-Factor Authentication to Azure Active Directory
  • Enabling Multi-Factor Authentication for On-Premises Applications and Windows Server
  • Building Multi-Factor Authentication into Custom Apps

And:

  • Get Started with Virtual Smart Cards

Plus much more… check it out at http://aka.ms/MSSecuritynewsletter