1. Home
  2. Mapping Frameworks
  3. Azure Home
  4. Passwordless Authentication

Azure passwordless_authentication Mappings

Features like multi-factor authentication (MFA) are a great way to secure your organization, but users often get frustrated with the additional security layer on top of having to remember their passwords. Passwordless authentication methods are more convenient because the password is removed and replaced with something you have, plus something you are or something you know.

Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name Notes
passwordless_authentication Passwordless Authentication protect significant T1110 Brute Force
Comments
This control provides significant protection against this brute force technique by completing obviating the need for passwords by replacing it with passwordless credentials.
References
  1. https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless
passwordless_authentication Passwordless Authentication protect significant T1110.004 Credential Stuffing
Comments
This control provides significant protection against password based attacks by completing obviating the need for passwords by replacing it with passwordless credentials.
References
    passwordless_authentication Passwordless Authentication protect significant T1110.001 Password Guessing
    Comments
    This control provides significant protection against password based attacks by completing obviating the need for passwords by replacing it with passwordless credentials.
    References
      passwordless_authentication Passwordless Authentication protect significant T1110.003 Password Spraying
      Comments
      This control provides significant protection against password based attacks by completing obviating the need for passwords by replacing it with passwordless credentials.
      References
        passwordless_authentication Passwordless Authentication protect significant T1110.002 Password Cracking
        Comments
        This control provides significant protection against password based attacks by completing obviating the need for passwords by replacing it with passwordless credentials.
        References