Microsoft is looking to better protect hybrid workers connecting to its Azure Active Directory (AD) service via iOS or Android endpoints (opens in new tab) from phishing and password (opens in new tab)-stealing attacks. The company has introduced a new authentication method for the enterprise identity service that it says is a paswordless, certificate-based authentication (CBA) one, enabled through the YubiKey hardware security key, built by Yubico. According to Microsoft’s announcement, the tool will give mobile users Federal Information Processing Standards (FIPS) certified login solution, fully resistant to phishing attacks.
…
Read more