Session

Authentication Methods in Entra ID: Legacy to Passkeys

Authentication methods sit at the center of every access decision in Microsoft Entra ID and Azure. In this 1-hour online session, we will take a practical, security-focused look at how authentication methods are defined, managed, and evolved in modern Entra environments.

We will start by reviewing the available multifactor authentication and self-service password reset methods, and how users experience registration through the combined security information experience. From there, we will unpack the shift from legacy per-user and legacy MFA settings to the Authentication Methods policy, including what changes in control, visibility, and risk management.

The session will cover common pitfalls and recommendations for reducing attack surface by retiring weaker methods, aligning authentication methods with Conditional Access and authentication strengths, and avoiding tenant-wide lockouts. We will also dive into passkeys in Entra ID, explaining the difference between device-bound and syncable passkeys, where each makes sense, and how to introduce them safely.

Finally, we will look at special cases such as break-glass administrative accounts, with clear guidance on how to configure authentication methods that balance resilience and security. Attendees will leave with a clearer mental model of Entra authentication methods, practical configuration guidance, and a roadmap for moving from legacy approaches to a modern, phishing-resistant authentication strategy.

Matthew Levy

Microsoft Security, Entra IAM SME, Solutions Architect, Microsoft Security MVP

Cape Town, South Africa
