
Multi-factor authentication (MFA) prevents unauthorized access to assets by requiring more than one form of authentication during sign-in.

Systems that use MFA grant access to data and applications only after users present two or more credentials. Commonly used credentials include passwords, PINs, tokens, and fingerprints. MFA is effective because threat actors who compromise a password are unlikely to meet the second authentication requirement.
Note
Attack Surface Risk Management only detects this issue for Microsoft Entra ID. Active Directory does not have built-in MFA capability.
You can remediate the issue through the following methods:
System: Active Directory
Steps: Integrate third-party tools such as Cisco Duo and Google Authenticator that can confirm user identities and provide secure access to data and applications.

System: Microsoft Entra ID
Steps: Enable MFA using any of the following methods:
Note
When you enable security defaults and per-user Microsoft Entra ID Multi-Factor Authentication, Attack Surface Risk Management infers the MFA configuration from collected sign-in activity data. This can sometimes result in false positives, particularly for accounts with few sign-in activities.
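
The following added example (not Attack Surface Risk Management's own logic, which this page does not describe) shows why inference from sign-in activity is unreliable for accounts with few sign-ins and how an "insufficient data" verdict avoids treating them as confirmed findings. The record fields are modelled on Microsoft Entra sign-in log entries (userPrincipalName, authenticationRequirement, status.errorCode); the MIN_SIGNINS threshold, the verdict names, and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

MFA = "multiFactorAuthentication"
SFA = "singleFactorAuthentication"
MIN_SIGNINS = 5  # hypothetical: fewer successful sign-ins than this is too little evidence


def _rec(upn, requirement, error_code=0):
    """Build one constructed sign-in record in the shape assumed by this example."""
    return {"userPrincipalName": upn,
            "authenticationRequirement": requirement,
            "status": {"errorCode": error_code}}


# Constructed sample data, not real log output.
SAMPLE_SIGNINS = (
    [_rec("alice@example.com", MFA)] * 6       # MFA required on every sign-in
    + [_rec("bob@example.com", SFA)] * 6       # never asked for a second factor
    + [_rec("carol@example.com", SFA)]         # one sign-in only
    + [_rec("dave@example.com", SFA, 50126)]   # only a failed sign-in
    + [_rec("erin@example.com", SFA)] * 5 + [_rec("erin@example.com", MFA)]
)


def classify_mfa(signins, min_signins=MIN_SIGNINS):
    """Return {upn: verdict} inferred from successful sign-ins only."""
    stats = defaultdict(lambda: {"total": 0, "mfa": 0})
    for rec in signins:
        entry = stats[rec["userPrincipalName"].lower()]
        if rec.get("status", {}).get("errorCode", 0) != 0:
            continue  # a failed sign-in does not show which requirement was met
        entry["total"] += 1
        if rec.get("authenticationRequirement") == MFA:
            entry["mfa"] += 1

    verdicts = {}
    for upn, s in stats.items():
        if s["total"] == 0:
            verdicts[upn] = "insufficient_data"
        elif s["mfa"] == s["total"]:
            verdicts[upn] = "mfa_observed"
        elif s["mfa"] > 0:
            verdicts[upn] = "mixed"             # MFA required for some sign-ins only
        elif s["total"] < min_signins:
            verdicts[upn] = "insufficient_data"  # likely source of false positives
        else:
            verdicts[upn] = "no_mfa_observed"
    return verdicts


if __name__ == "__main__":
    for user, verdict in sorted(classify_mfa(SAMPLE_SIGNINS).items()):
        print(f"{user}: {verdict}")
```

Accounts that land in "insufficient_data" or "mixed" are the ones to verify against the tenant's actual MFA configuration before remediating.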