MFA - The Lazy Administrator

Improve your Azure Multi-Factor Authentication Notifications

September 26, 2022 Brad Wyatt Comments 2 comments

Recently, Uber appeared to be hacked in what is called a MFA Fatigue attack. The attacker continuously sent MFA requests to an end user hoping they would accidentally approve one of them. Microsoft has several items to help prevent MFA fatigue attacks that you can configure and enable for your end users. Traditionally, MFA notifications are push notifications where a user can either accept or deny the request. Some improvements to this have been multiple number options where the end user must select one of four numbers that is presented on the screen they are logging into. The problem with this is that leaves a 1 in 4 chance an accidental selection may result in unauthorized access.

Configure Fraud Alerts

Fraud Alerts allow your users to report fraud if they receive a two-step verification request that they didn’t initiate and automatically block their account from sign-on.

Go to the Azure … Continue...

PowerShell Function to Connect to All Office 365 Services With Support for MFA

February 5, 2019 Brad Wyatt Comments 41 comments

I usually have to connect to Office 365 via PowerShell at least once per day. I had the following function stored in my PowerShell Profile:

function Connect-O365 
{
	$UserCredential = Get-Credential
	$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://ps.outlook.com/powershell/" -Credential $UserCredential -Authentication Basic -AllowRedirection
	Import-PSSession $Session
	Connect-MsolService -Credential $UserCredential
}

This allowed me to just open PowerShell and type Connect-O365 to connect to Office 365 instead of looking up the Session information and all of the cmdlets needed. One of the issues I faced was the lack of multi-factor authentication support. To connect to Exchange Online or Security and Compliance Center using multi-factor authentication you must use another module that is found in your tenant. Also, when you install this module it gets buried in your local app data folder.

So I decided to just re-do the entire function, allowing it to connect to the following Office 365 services:

Exchange

… Continue...