The problem is simple, but the answer is complex: what balance can be found between user experience and session lifetime? How long are my users logged in? How much flexibility do I have to revoke a compromised user’s access?

The security answer is obviously: “you have to set the shortest possible duration” (it is not uncommon to want to set a day or even a few hours).

On the other hand, the user experience could be so poor that it would paradoxically lead to a decrease in security. The two direct consequences are that users authenticate without thinking (risk of phishing) or use weak passwords.

In order to control the lifetime of user sessions and to manage the associated risks, Microsoft offers several options:

Option 1: “Keep me signed-in” deactivation.
Option 2: Conditional Access Policy with “sign-in frequency” and “persistence”.
Option 3: Continuous Access Evaluation (preview).
Option 4: Configuration of access token lifetime (preview).

To go further: Resilience defaults (preview).