![]() In this blog, I’ll report my findings on how the Azure AD MFA works under-the-hood, and how I built a custom authenticator app for Android. In most cases, it protects users from phishing attacks as the attackers can’t log in even they have user’s credentials. ![]() Multi-factor Authentication (MFA) is nowadays a recommended method for providing extra protection for users. “Bypass” MFA by editing users’ MFA settings.Implementing AADInternals Authenticator.Step 10: (HTTP) ConfirmActivationResponse.Step 9: (HTTP) phoneAppAuthenticationResultResponse.Step 8: (HTTP) phoneAppAuthenticationResultRequest.Step 4: (HTTP) phoneAppValidateDeviceTokenResponse.Step 3: (HTTP) phoneAppValidateDeviceTokenRequest.
0 Comments
Leave a Reply. |