Phishing-resistant authentication in Microsoft Entra ID

In this video series, we guide you through the basics of phishing-resistant authentication methods in Microsoft Entra ID. Multifactor authentication is one of the most effective controls to prevent an adversary from gaining access to sensitive information.

Watch the following videos, or visit the Phishing Resistant Authentication in Microsoft Entra ID video series, for guidance on how to configure phishing-resistant multifactor authentication methods.

To learn more, see Windows Hello for Business, certificate-based authentication, and passkeys formally FIDO2 security keys. In addition, learn about Microsoft Entra Conditional Access, which brings signals together to inform decision making, and enforces organizational policies.

Video title Video
Why phishing resistant authentication is important
Join Alex Weinert, VP Identity and Network Access Security, in a discussion about the current threat landscape and why implementing phishing-resistant authentication should be a priority for your organization. (12:40)
Get started with phishing-resistant multifactor authentication
Join Ehud Itshaki, Principal Product Manager, for a technical deep dive on how Microsoft Entra ID authentication methods achieve their phishing-resistant properties by implementing open standards. Learn about the meaning of phishing and real-time phishing-flows. (10:24)
Phishing-resistant multifactor authentication methods available in Microsoft Entra ID
Join Keith Brewer, Principal Product Manager, for an overview of the four phishing-resistant authentication methods available in Microsoft Entra ID. (5:13)
Windows Hello for Business and cloud Kerberos trust provisioning
Join Bailey Bercik, Senior Product Manager and Merill Fernando, Principal Product Manager to learn about Windows Hello for Business and how deployment is easier with the cloud Kerberos deployment model. (8:08)

Configure Windows Hello for Business for passwordless authentication
Join Merill Fernando, Principal Product Manager, and Bailey Bercik, Senior Product Manager for a discussion about deploying the Windows Hello for Business cloud Kerberos model. (8:48)


Configure Microsoft certificate-based authentication
Join Nick Wryter, Principal Product Manager, and Vimala Ranganathan, Principal Product Manager, to learn about certificate-based authentication (CBA) in Microsoft Entra ID, without the need to deploy, secure, and manage a federated identity provider, such as Active Directory Federated Services (ADFS). (6:53)

Configure user experience in Microsoft Entra certificate-based authentication
Join Vimala Ranganathan, Principal Product Manager, for guidance on configuring Microsoft Entra certificate-based authentication (CBA), including the end-user experience. (4:55)


Microsoft Entra Conditional Access authentication strength
Join Grace Picking, Senior Product Manager and Inbar Cizer Kobrinsky, Principal Product Manager, to learn about authentication strength and how it can help your organization enforce the use of phishing-resistant authentication. (13:24)

Configure Conditional Access authentication strength policies
Join Inbar Cizer Kobrinsky, Principal Product Manager, and Grace Picking, Senior Product Manager for insights on how authentication strength works with Conditional Access. (6:53)


Introduction to passkeys in Microsoft Entra ID
Join Product Manager Calvin Lui and Product Manager Mayur Santani as they discuss passkeys in Microsoft Entra ID and how to configure them. The Introduction to passkeys in Microsoft Entra ID video details passkeys for work. It describes how passkeys can help organizations usher in a phishing resistant future (11:16).
How to configure passkeys in Microsoft Entra ID
Join Product Manager Calvin Lui and Product Manager Mayur Santani as they discuss passkeys in Microsoft Entra ID and how to configure them. In the How to configure passkeys in Microsoft Entra ID video, Calvin and Mayur walk the user through how to set up passkeys and use them with an account. They walk you through registration and authentication experiences for passkeys in the Microsoft Authenticator app then passkeys on a FIDO2 security key (7:10).