SlideShare a Scribd company logo

O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer

NCCOMMS
NCCOMMS

Sander Berkouwer discusses moving away from passwords towards passwordless authentication. He argues that passwords are problematic because they can be cracked, intercepted, stolen or breached. 81% of digital incidents in 2018 involved weak or leaked credentials. 20% of IT costs go towards facilitating password resets. Windows Hello for Business provides a passwordless authentication option using a PIN, fingerprint or authentication app on Windows 10 devices. It supports single sign-on and multi-factor authentication. FIDO 2.0 security keys provide a unique key per application that cannot be reused. Berkouwer outlines Microsoft's journey towards passwordless authentication and the changes needed to processes like Azure AD join that currently rely on initial passwords.

Technology
1 of 25
Download to read offline
#O365Connect @SanderBerkouwer A life without passwords; dream or reality? Sander Berkouwer Chief Technology Officer SCCT scct.nl
Introduction Sander Berkouwer I live in the Netherlands I work at SCCT scct.nl @SanderBerkouwer #O365Connect I have a passion for Active Directory and Azure Active Directory. I’m a Microsoft MVP, Veeam Vanguard and VMware vExpert I wrote the AD Administration Cookbook
Why passwords are bad
Why passwords are bad Passwords are problematic They can be: • Cracked • Intercepted, shoulder-surfed and phished • Stolen, breached and re-used Passwords are in the way People aren’t designed to remember passwords Password resets cost organizations lots of productivity and thus money
How bad? 81% of all digital incidenten in 2018 were caused by weak, leaked and standard credentials. 20% of IT costs spent by organizations is to facilitate password resets.
“Do away with passwords for day-to-day use” Password-less
What we need (~98%) Credentials that can’t be reused Multi-factor Authentication is today’s go to solution Most organizations use One-time Passwords (OTPs) in text messages Authentication methods that are easier to use Multi-factor Authentication is not easy to use for a lot of people Non-crackable, non-interceptable credentials We need a new way to authenticate • With local storage of (biometric) credentials • With Quantum-proof encryption
What’s available today, technically Locations and physical security On- and offboarding procedures 802.1x network security Devices Removing local admin rights Windows Hello for Business Applications and systems Azure MFA and Azure MFA Server Azure AD Conditional Access Data OneDrive Personal Vault Locations Devices Applications and systems Data
How we’re deploying all this technology G-SuiteAzure AD Connect Azure AD Active Directory Domain Services IT personel Colleagues Office 365 On-premises applications Remote access Work from home Multi-factor authentication required Multi-factor authentication required Colleagues
Windows Hello for Business
Windows Hello for Business Look ma, no passwords! Password-less, strong authentication Available on Windows 10 Multi-factor Authentication, by default PIN, fingerprint, AuthN App are 1st factor Enrollment, linked to TPM, is 2nd factor Single Sign-On
Authentication Methods Authenticator Biometrics Security Key (FIDO 2.0) Convenience PIN 123456
Deployment Scenarios Azure Active Directory cloud-only Upon Azure AD Join, you enroll into Windows Hello for Business Device registration is performed with Azure AD as Identity Provider Hybrid Device registration is performed with Azure AD as Identity Provider Requires Azure AD Connect, synchronizing all colleagues in scope Active Directory (on-prem only) Device registration is performed with Active Directory Federation Services Requires AD FS 2016 FBL and 3rd Party AD FS MFA Adapter Requires Windows Server 2016-based Domain Controllers for key trust Requires a Certificate Registration Authority for certificate trust
Trust Options Key Trust Uses the raw key for authentication Requires at least one Windows Server 2016 –based Domain Controller, and thus: Windows Server 2016 AD Schema Windows Server 2016-version Domain Controller certificates Certificate Trust Uses a client-side enrolled certificate for authentication No Windows Server 2016 Domain Controllers required, but: Windows Server 2016 AD Schema AD FS on Windows Server 2016 Windows Server 2016 AD FS FBL Device Registration in AD FS Certificate for each user/client 3rd Party AD FS MFA Provider
Authentication Methods Authenticator Biometrics Security Key (FIDO 2.0) Convenience PIN 123456
Windows 10 device Azure Active Directory 1 2 3 4 How is a FIDO authentication different? Kerberos authentication FIDO 2.0 authentication Domain-joined Windows device Active Directory Domain services 1 2 3 4 1. KRB_AS_REQ 2. KRB_AS_REP 3. KRB_TGS_REQ 4. KRB_TGS_REP 5. KRB_AP_REQ 6. KRB_AP_REP 5 6 7 1. Hello 2. Nonce 3. (Nonce)WHfB Key 4. PRT, ID, ST 5. PRT 6. AccessToken +RefreshToken 7. AccessToken 5 6 Windows 10 device Azure Active Directory 1 2 3 4 3 Or: Federation TPM 3 TPM 3 4 1 2 4 4 1. Request 2. Challenge 3. (Challenge)Private Key per application 4. (Challenge)Public Key PRT, ID, AccessToken, etc. Windows Hello authentication
FIDO 2.0 gaining traction The Dutch Cybersecurity Center (NCSC) advises FIDO 2.0 - Koen Sandbrink, Advisor at NCSC, during his talk "We Are Going to Kill Passwords (or at Least Try)“ during the One Conference, October 2019 Source
In the grand scheme of things…
Microsoft’s Password-less journey
What if… Everybody uses password-less authentication? We’ll be moving from password resets to PIN resets Passwords expire, but people no longer use them regularly Expect an increase in password resets, until… Everybody has their passwords cleared How do we do Azure AD Join without a password? How do we provision people without an initial password? … loads of processes will need to be redesigned
Concluding
Windows Hello for Business Authentication method that is safer and more secure Authenticate using a PIN, your finger or your face Authentication with Windows Hello is multi-factor authentication Non-crackable, non-interceptable credentials Storage of (biometric) information is local When using federation: token-based Single Sign-on Credentials that can’t be reused When you use FIDO 2.0 keys you get a secure key per service
Thank you!
O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer

Recommended

O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenO365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
NCCOMMS
 
O365Con19 - Azure Blackbelt - Jussi Roine
O365Con19 - Azure Blackbelt - Jussi RoineO365Con19 - Azure Blackbelt - Jussi Roine
O365Con19 - Azure Blackbelt - Jussi Roine
NCCOMMS
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
NCCOMMS
 
Windows Azure Active Directory - from Atidan
Windows Azure Active Directory - from AtidanWindows Azure Active Directory - from Atidan
Windows Azure Active Directory - from AtidanDavid J Rosenthal
 
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!
Anco Stuij
 
Azure Active Directory
Azure Active DirectoryAzure Active Directory
Azure Active Directory
Sovelto
 
Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!
Ravikumar Sathyamurthy
 
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi RoineO365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
NCCOMMS
 

Recommended

O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris GoosenO365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
O365Con19 - O365 Identity Management and The Golden Config - Chris Goosen
NCCOMMS
 
O365Con19 - Azure Blackbelt - Jussi Roine
O365Con19 - Azure Blackbelt - Jussi RoineO365Con19 - Azure Blackbelt - Jussi Roine
O365Con19 - Azure Blackbelt - Jussi Roine
NCCOMMS
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
NCCOMMS
 
Windows Azure Active Directory - from Atidan
Windows Azure Active Directory - from AtidanWindows Azure Active Directory - from Atidan
Windows Azure Active Directory - from AtidanDavid J Rosenthal
 
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!
SPSNL17 - Azure AD B2B - Safe collaboration has never been that easy!
Anco Stuij
 
Azure Active Directory
Azure Active DirectoryAzure Active Directory
Azure Active Directory
Sovelto
 
Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!Azure AD with Office 365 and Beyond!
Azure AD with Office 365 and Beyond!
Ravikumar Sathyamurthy
 
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi RoineO365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
O365Con18 - Deep Dive into Microsoft 365 - Jussi Roine
NCCOMMS
 
Get your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectGet your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectRonny de Jong
 
Dell EMC Spanning
Dell EMC SpanningDell EMC Spanning
Dell EMC Spanning
Novosco
 
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
European Collaboration Summit
 
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
European Collaboration Summit
 
O365Con18 - Compliance Manager - Tomislav Lulic
O365Con18 - Compliance Manager - Tomislav LulicO365Con18 - Compliance Manager - Tomislav Lulic
O365Con18 - Compliance Manager - Tomislav Lulic
NCCOMMS
 
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITProceed
 
Certifications for Azure Developers
Certifications for Azure DevelopersCertifications for Azure Developers
Certifications for Azure Developers
Krunal Trivedi
 
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
NCCOMMS
 
Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
Sean Deuby
 
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de JagerO365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
NCCOMMS
 
Securing Intellectual Property using Azure Rights Management Services
Securing Intellectual Property using Azure Rights Management ServicesSecuring Intellectual Property using Azure Rights Management Services
Securing Intellectual Property using Azure Rights Management Services
SPC Adriatics
 
Office Track: SharePoint Apps for the IT Pro - Thomas Vochten
Office Track: SharePoint Apps for the IT Pro - Thomas VochtenOffice Track: SharePoint Apps for the IT Pro - Thomas Vochten
Office Track: SharePoint Apps for the IT Pro - Thomas Vochten
ITProceed
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
Venkatesh Narayanan
 
Identity and o365 on Azure
Identity and o365 on AzureIdentity and o365 on Azure
Identity and o365 on Azure
Mostafa
 
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-OnEWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
Peter Selch Dahl
 
Engage in effective collaboration with Azure AD B2B
Engage in effective collaboration with Azure AD B2BEngage in effective collaboration with Azure AD B2B
Engage in effective collaboration with Azure AD B2B
Anco Stuij
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
Vignesh Ganesan I Microsoft MVP
 
Moving from SBS to Azure
Moving from SBS to AzureMoving from SBS to Azure
Moving from SBS to Azure
Robert Crane
 
Microsoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App SecurityMicrosoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App Security
Albert Hoitingh
 
CollabDays BeNeLux Sensitivity labels: what's new
CollabDays BeNeLux Sensitivity labels: what's newCollabDays BeNeLux Sensitivity labels: what's new
CollabDays BeNeLux Sensitivity labels: what's new
Albert Hoitingh
 
FIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
FIDO2 : vers la fin des mots de passe ? - Par Arnaud JumeletFIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
FIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
Identity Days
 
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case StudyDigital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case Study
iText Group nv
 

More Related Content

What's hot

Get your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectGet your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectRonny de Jong
 
Dell EMC Spanning
Dell EMC SpanningDell EMC Spanning
Dell EMC Spanning
Novosco
 
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
European Collaboration Summit
 
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
European Collaboration Summit
 
O365Con18 - Compliance Manager - Tomislav Lulic
O365Con18 - Compliance Manager - Tomislav LulicO365Con18 - Compliance Manager - Tomislav Lulic
O365Con18 - Compliance Manager - Tomislav Lulic
NCCOMMS
 
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITProceed
 
Certifications for Azure Developers
Certifications for Azure DevelopersCertifications for Azure Developers
Certifications for Azure Developers
Krunal Trivedi
 
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
NCCOMMS
 
Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
Sean Deuby
 
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de JagerO365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
NCCOMMS
 
Securing Intellectual Property using Azure Rights Management Services
Securing Intellectual Property using Azure Rights Management ServicesSecuring Intellectual Property using Azure Rights Management Services
Securing Intellectual Property using Azure Rights Management Services
SPC Adriatics
 
Office Track: SharePoint Apps for the IT Pro - Thomas Vochten
Office Track: SharePoint Apps for the IT Pro - Thomas VochtenOffice Track: SharePoint Apps for the IT Pro - Thomas Vochten
Office Track: SharePoint Apps for the IT Pro - Thomas Vochten
ITProceed
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
Venkatesh Narayanan
 
Identity and o365 on Azure
Identity and o365 on AzureIdentity and o365 on Azure
Identity and o365 on Azure
Mostafa
 
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-OnEWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
Peter Selch Dahl
 
Engage in effective collaboration with Azure AD B2B
Engage in effective collaboration with Azure AD B2BEngage in effective collaboration with Azure AD B2B
Engage in effective collaboration with Azure AD B2B
Anco Stuij
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
Vignesh Ganesan I Microsoft MVP
 
Moving from SBS to Azure
Moving from SBS to AzureMoving from SBS to Azure
Moving from SBS to Azure
Robert Crane
 
Microsoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App SecurityMicrosoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App Security
Albert Hoitingh
 
CollabDays BeNeLux Sensitivity labels: what's new
CollabDays BeNeLux Sensitivity labels: what's newCollabDays BeNeLux Sensitivity labels: what's new
CollabDays BeNeLux Sensitivity labels: what's new
Albert Hoitingh
 

What's hot (20)

Get your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD ConnectGet your Hybrid Identity in 4 steps with Azure AD Connect
Get your Hybrid Identity in 4 steps with Azure AD Connect
 
Dell EMC Spanning
Dell EMC SpanningDell EMC Spanning
Dell EMC Spanning
 
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
[Sy] How to Develop Your Office 365 Information Governance Strategy in 4 Steps
 
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
ECS19 - Bram De Jager - Design a secure collaboration solution with Azure In...
 
O365Con18 - Compliance Manager - Tomislav Lulic
O365Con18 - Compliance Manager - Tomislav LulicO365Con18 - Compliance Manager - Tomislav Lulic
O365Con18 - Compliance Manager - Tomislav Lulic
 
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
ITPROCEED_TransformTheDatacenter_ten most common mistakes when deploying adfs...
 
Certifications for Azure Developers
Certifications for Azure DevelopersCertifications for Azure Developers
Certifications for Azure Developers
 
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
O365Con18 - A Lap Around Monitoring, Auditing and Securing Microsoft Azure - ...
 
Azure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over AgainAzure AD and Office 365 - Deja Vu All Over Again
Azure AD and Office 365 - Deja Vu All Over Again
 
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de JagerO365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
O365Con19 - Keep Control of Your Data with AIP and CA - Bram de Jager
 
Securing Intellectual Property using Azure Rights Management Services
Securing Intellectual Property using Azure Rights Management ServicesSecuring Intellectual Property using Azure Rights Management Services
Securing Intellectual Property using Azure Rights Management Services
 
Office Track: SharePoint Apps for the IT Pro - Thomas Vochten
Office Track: SharePoint Apps for the IT Pro - Thomas VochtenOffice Track: SharePoint Apps for the IT Pro - Thomas Vochten
Office Track: SharePoint Apps for the IT Pro - Thomas Vochten
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
 
Identity and o365 on Azure
Identity and o365 on AzureIdentity and o365 on Azure
Identity and o365 on Azure
 
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-OnEWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
EWUG - Azure AD Pass-through Authentication and Seamless Single Sign-On
 
Engage in effective collaboration with Azure AD B2B
Engage in effective collaboration with Azure AD B2BEngage in effective collaboration with Azure AD B2B
Engage in effective collaboration with Azure AD B2B
 
What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?What's new in Azure Active Directory and what's coming new ?
What's new in Azure Active Directory and what's coming new ?
 
Moving from SBS to Azure
Moving from SBS to AzureMoving from SBS to Azure
Moving from SBS to Azure
 
Microsoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App SecurityMicrosoft 365 and Microsoft Cloud App Security
Microsoft 365 and Microsoft Cloud App Security
 
CollabDays BeNeLux Sensitivity labels: what's new
CollabDays BeNeLux Sensitivity labels: what's newCollabDays BeNeLux Sensitivity labels: what's new
CollabDays BeNeLux Sensitivity labels: what's new
 

Similar to O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer

FIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
FIDO2 : vers la fin des mots de passe ? - Par Arnaud JumeletFIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
FIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
Identity Days
 
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case StudyDigital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case Study
iText Group nv
 
PKI in DevOps: How to Deploy Certificate Automation within CI/CD
PKI in DevOps: How to Deploy Certificate Automation within CI/CDPKI in DevOps: How to Deploy Certificate Automation within CI/CD
PKI in DevOps: How to Deploy Certificate Automation within CI/CD
DevOps.com
 
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft AzureUno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
Giuliano Latini
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
Nuno Árias Silva
 
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
Nuno Árias Silva
 
SAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your EnterpriseSAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your Enterprise
Denis Gundarev
 
MGT300 Using Microsoft System Center to Manage beyond the Trusted Domain
MGT300 Using Microsoft System Center to Manage beyond the Trusted DomainMGT300 Using Microsoft System Center to Manage beyond the Trusted Domain
MGT300 Using Microsoft System Center to Manage beyond the Trusted Domain
Louis Göhl
 
Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...
Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...
Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...Nordic Infrastructure Conference
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...
Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...
Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...
Identity Days
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
FIDO Alliance
 
SecureOTP: Total One-Time-Password Solution
SecureOTP: Total One-Time-Password SolutionSecureOTP: Total One-Time-Password Solution
SecureOTP: Total One-Time-Password SolutionRafidah Ariffin
 
Going Passwordless with Microsoft
Going Passwordless with MicrosoftGoing Passwordless with Microsoft
Going Passwordless with Microsoft
FIDO Alliance
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CloudIDSummit
 
O365con14 - moving from on-premises to online, the road to follow
O365con14 - moving from on-premises to online, the road to followO365con14 - moving from on-premises to online, the road to follow
O365con14 - moving from on-premises to online, the road to follow
NCCOMMS
 
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
Morgan Simonsen
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
Peter Selch Dahl
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
Scott Hoag
 

Similar to O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer (20)

FIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
FIDO2 : vers la fin des mots de passe ? - Par Arnaud JumeletFIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
FIDO2 : vers la fin des mots de passe ? - Par Arnaud Jumelet
 
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case StudyDigital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case Study
 
PKI in DevOps: How to Deploy Certificate Automation within CI/CD
PKI in DevOps: How to Deploy Certificate Automation within CI/CDPKI in DevOps: How to Deploy Certificate Automation within CI/CD
PKI in DevOps: How to Deploy Certificate Automation within CI/CD
 
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft AzureUno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
Uno, nessuno o 10.000, la gestione dell'identità ai tempi di Microsoft Azure
 
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
TugaIT 2017 Office 365 Multi-factor authentication with Microsoft Azure Activ...
 
AzureAAD
AzureAADAzureAAD
AzureAAD
 
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
SPSLisbon 2017 Office 365 Multi-factor Authentication with Microsoft Azure Ac...
 
SAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your EnterpriseSAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your Enterprise
 
MGT300 Using Microsoft System Center to Manage beyond the Trusted Domain
MGT300 Using Microsoft System Center to Manage beyond the Trusted DomainMGT300 Using Microsoft System Center to Manage beyond the Trusted Domain
MGT300 Using Microsoft System Center to Manage beyond the Trusted Domain
 
Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...
Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...
Raymond Comvalius & Sander Berkouwer - Bring your own device essentials with ...
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
 
Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...
Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...
Identity Days 2020 - Quelles sont les méthodes et le niveau de sécurisation/r...
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
SecureOTP: Total One-Time-Password Solution
SecureOTP: Total One-Time-Password SolutionSecureOTP: Total One-Time-Password Solution
SecureOTP: Total One-Time-Password Solution
 
Going Passwordless with Microsoft
Going Passwordless with MicrosoftGoing Passwordless with Microsoft
Going Passwordless with Microsoft
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
 
O365con14 - moving from on-premises to online, the road to follow
O365con14 - moving from on-premises to online, the road to followO365con14 - moving from on-premises to online, the road to follow
O365con14 - moving from on-premises to online, the road to follow
 
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
 
Azure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDKAzure Community Tour 2019 - AZUGDK
Azure Community Tour 2019 - AZUGDK
 
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
SPS Sydney - Office 365 and Cloud Identity – What does it mean for me?
 

More from NCCOMMS

O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
NCCOMMS
 
O365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
O365Con19 - Model-driven Apps or Canvas Apps? - Rick BakkerO365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
O365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
NCCOMMS
 
O365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
O365Con19 - Office 365 Groups Surviving the Real World - Jasper OosterveldO365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
O365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
NCCOMMS
 
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis JugoO365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
NCCOMMS
 
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis JugoO365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
NCCOMMS
 
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul HuntO365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
NCCOMMS
 
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
NCCOMMS
 
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
NCCOMMS
 
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
NCCOMMS
 
O365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
O365Con19 - Lets Get Started with Azure Container Instances - Jussi RoineO365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
O365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
NCCOMMS
 
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna LinsO365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
NCCOMMS
 
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna LinsO365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
NCCOMMS
 
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
NCCOMMS
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
NCCOMMS
 
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
NCCOMMS
 
O365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
O365Con19 - Kaizala a Dive Into the Unknown - Rick van RousseltO365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
O365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
NCCOMMS
 
O365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
O365Con19 - How to Inspire Users to Unstick from Email - Luise FreeseO365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
O365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
NCCOMMS
 
O365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul Hunt
O365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul HuntO365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul Hunt
O365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul Hunt
NCCOMMS
 
O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...
O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...
O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...
NCCOMMS
 
O365Con19 - Automate All The Things - Chris Goosen
O365Con19 - Automate All The Things - Chris GoosenO365Con19 - Automate All The Things - Chris Goosen
O365Con19 - Automate All The Things - Chris Goosen
NCCOMMS
 

More from NCCOMMS (20)

O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
O365Con19 - UI:UX 101 Learn How to Design Custom Experiences for SharePoint -...
 
O365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
O365Con19 - Model-driven Apps or Canvas Apps? - Rick BakkerO365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
O365Con19 - Model-driven Apps or Canvas Apps? - Rick Bakker
 
O365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
O365Con19 - Office 365 Groups Surviving the Real World - Jasper OosterveldO365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
O365Con19 - Office 365 Groups Surviving the Real World - Jasper Oosterveld
 
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis JugoO365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
O365Con19 - Developing Timerjob and Eventhandler Equivalents - Adis Jugo
 
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis JugoO365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
O365Con19 - Sharepoint with (Artificial) Intelligence - Adis Jugo
 
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul HuntO365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul Hunt
 
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
O365Con19 - Tips and Tricks for Complex Migrations to SharePoint Online - And...
 
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
O365Con19 - Start Developing Teams Tabs and SharePoint Webparts with SPFX - O...
 
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
O365Con19 - Start Your Journey from Skype for Business to Teams - Sasja Beere...
 
O365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
O365Con19 - Lets Get Started with Azure Container Instances - Jussi RoineO365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
O365Con19 - Lets Get Started with Azure Container Instances - Jussi Roine
 
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna LinsO365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
O365Con19 - Customise the UI in Modern SharePoint Workspaces - Corinna Lins
 
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna LinsO365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
O365Con19 - Be The Protagonist of Your Modern Workplace - Corinna Lins
 
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
O365Con19 - How to Really Manage all your Tasks Across Microsoft 365 - Luise ...
 
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio StruyfO365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
O365Con19 - Sharing Code Efficiently in your Organisation - Elio Struyf
 
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
O365Con19 - Things I've Learned While Building a Product on SharePoint Modern...
 
O365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
O365Con19 - Kaizala a Dive Into the Unknown - Rick van RousseltO365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
O365Con19 - Kaizala a Dive Into the Unknown - Rick van Rousselt
 
O365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
O365Con19 - How to Inspire Users to Unstick from Email - Luise FreeseO365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
O365Con19 - How to Inspire Users to Unstick from Email - Luise Freese
 
O365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul Hunt
O365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul HuntO365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul Hunt
O365Con19 - Exposing Multi-Geo Capabilities in Office 365 - Paul Hunt
 
O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...
O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...
O365Con19 - Customizing Microsoft Teams Provisioning and Governance - Olli Jä...
 
O365Con19 - Automate All The Things - Chris Goosen
O365Con19 - Automate All The Things - Chris GoosenO365Con19 - Automate All The Things - Chris Goosen
O365Con19 - Automate All The Things - Chris Goosen
 

Recently uploaded

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 

O365Con19 - A Life Without Passwords Dream or Reality - Sander Berkouwer

  • 1.
  • 2. #O365Connect @SanderBerkouwer A life without passwords; dream or reality? Sander Berkouwer Chief Technology Officer SCCT scct.nl
  • 3. Introduction Sander Berkouwer I live in the Netherlands I work at SCCT scct.nl @SanderBerkouwer #O365Connect I have a passion for Active Directory and Azure Active Directory. I’m a Microsoft MVP, Veeam Vanguard and VMware vExpert I wrote the AD Administration Cookbook
  • 5. Why passwords are bad Passwords are problematic They can be: • Cracked • Intercepted, shoulder-surfed and phished • Stolen, breached and re-used Passwords are in the way People aren’t designed to remember passwords Password resets cost organizations lots of productivity and thus money
  • 6. How bad? 81% of all digital incidenten in 2018 were caused by weak, leaked and standard credentials. 20% of IT costs spent by organizations is to facilitate password resets.
  • 7. “Do away with passwords for day-to-day use” Password-less
  • 8. What we need (~98%) Credentials that can’t be reused Multi-factor Authentication is today’s go to solution Most organizations use One-time Passwords (OTPs) in text messages Authentication methods that are easier to use Multi-factor Authentication is not easy to use for a lot of people Non-crackable, non-interceptable credentials We need a new way to authenticate • With local storage of (biometric) credentials • With Quantum-proof encryption
  • 9. What’s available today, technically Locations and physical security On- and offboarding procedures 802.1x network security Devices Removing local admin rights Windows Hello for Business Applications and systems Azure MFA and Azure MFA Server Azure AD Conditional Access Data OneDrive Personal Vault Locations Devices Applications and systems Data
  • 10. How we’re deploying all this technology G-SuiteAzure AD Connect Azure AD Active Directory Domain Services IT personel Colleagues Office 365 On-premises applications Remote access Work from home Multi-factor authentication required Multi-factor authentication required Colleagues
  • 11. Windows Hello for Business
  • 12. Windows Hello for Business Look ma, no passwords! Password-less, strong authentication Available on Windows 10 Multi-factor Authentication, by default PIN, fingerprint, AuthN App are 1st factor Enrollment, linked to TPM, is 2nd factor Single Sign-On
  • 13. Authentication Methods Authenticator Biometrics Security Key (FIDO 2.0) Convenience PIN 123456
  • 14. Deployment Scenarios Azure Active Directory cloud-only Upon Azure AD Join, you enroll into Windows Hello for Business Device registration is performed with Azure AD as Identity Provider Hybrid Device registration is performed with Azure AD as Identity Provider Requires Azure AD Connect, synchronizing all colleagues in scope Active Directory (on-prem only) Device registration is performed with Active Directory Federation Services Requires AD FS 2016 FBL and 3rd Party AD FS MFA Adapter Requires Windows Server 2016-based Domain Controllers for key trust Requires a Certificate Registration Authority for certificate trust
  • 15. Trust Options Key Trust Uses the raw key for authentication Requires at least one Windows Server 2016 –based Domain Controller, and thus: Windows Server 2016 AD Schema Windows Server 2016-version Domain Controller certificates Certificate Trust Uses a client-side enrolled certificate for authentication No Windows Server 2016 Domain Controllers required, but: Windows Server 2016 AD Schema AD FS on Windows Server 2016 Windows Server 2016 AD FS FBL Device Registration in AD FS Certificate for each user/client 3rd Party AD FS MFA Provider
  • 16. Authentication Methods Authenticator Biometrics Security Key (FIDO 2.0) Convenience PIN 123456
  • 17. Windows 10 device Azure Active Directory 1 2 3 4 How is a FIDO authentication different? Kerberos authentication FIDO 2.0 authentication Domain-joined Windows device Active Directory Domain services 1 2 3 4 1. KRB_AS_REQ 2. KRB_AS_REP 3. KRB_TGS_REQ 4. KRB_TGS_REP 5. KRB_AP_REQ 6. KRB_AP_REP 5 6 7 1. Hello 2. Nonce 3. (Nonce)WHfB Key 4. PRT, ID, ST 5. PRT 6. AccessToken +RefreshToken 7. AccessToken 5 6 Windows 10 device Azure Active Directory 1 2 3 4 3 Or: Federation TPM 3 TPM 3 4 1 2 4 4 1. Request 2. Challenge 3. (Challenge)Private Key per application 4. (Challenge)Public Key PRT, ID, AccessToken, etc. Windows Hello authentication
  • 18. FIDO 2.0 gaining traction The Dutch Cybersecurity Center (NCSC) advises FIDO 2.0 - Koen Sandbrink, Advisor at NCSC, during his talk "We Are Going to Kill Passwords (or at Least Try)“ during the One Conference, October 2019 Source
  • 19. In the grand scheme of things…
  • 21. What if… Everybody uses password-less authentication? We’ll be moving from password resets to PIN resets Passwords expire, but people no longer use them regularly Expect an increase in password resets, until… Everybody has their passwords cleared How do we do Azure AD Join without a password? How do we provision people without an initial password? … loads of processes will need to be redesigned
  • 23. Windows Hello for Business Authentication method that is safer and more secure Authenticate using a PIN, your finger or your face Authentication with Windows Hello is multi-factor authentication Non-crackable, non-interceptable credentials Storage of (biometric) information is local When using federation: token-based Single Sign-on Credentials that can’t be reused When you use FIDO 2.0 keys you get a secure key per service