Using Azure AD for third-party application authentication could extend your risk perimeter. Some applications read and store Azure AD data in external databases.

Microsoft is looking to better protect hybrid workers connecting to its Azure Active Directory (AD) service via iOS or Android endpoints from phishing and password -stealing attacks.

Microsoft announces a passwordless authentication solution for Azure AD on iOS and Android to help fight phishing attacks.

In the Azure AD environment, OAuth is used to help manage user access to external resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications using OAuth apps.

In a new blog post, the company revealed that it’s adding multi-factor authentication as the default security setting for existing Azure customers who haven’t changed that setting on their own.