配置 Azure 多重身份验证设置Configure Azure Multi-Factor Authentication settings
在启动并运行 Azure 多重身份验证后,可以参考本文进行管理。This article helps you to manage Azure Multi-Factor Authentication now that you're up and running. 本文涵盖了各种主题,可帮助你充分利用 Azure 多重身份验证。It covers various topics that help you to get the most out of Azure Multi-Factor Authentication. 并非所有版本的 Azure 多重身份验证都提供所有这些功能。Not all of the features are available in every version of Azure Multi-Factor Authentication.
FeatureFeature | 说明Description |
---|---|
可选择验证方法Selectable verification methods | 可以通过此功能选择可供用户使用的身份验证方法的列表。Use this feature to select the list of authentication methods that users are able to use. |
可选验证方法Selectable verification methods
可使用“可选择验证方法”功能,选择用户可使用的验证方法。You can choose the verification methods that are available for your users by using the selectable verification methods feature. 下表提供了这些方法的简要概述。The following table provides a brief overview of the methods.
用户为其帐户注册 Azure 多重身份验证时,可从你启用的选项中选择其首选验证方法。When your users enroll their accounts for Azure Multi-Factor Authentication, they choose their preferred verification method from the options that you have enabled. 为我的帐户设置双重验证帐户中提供了用户注册过程指导。Guidance for the user enrollment process is provided in Set up my account for two-step verification.
方法Method | 说明Description |
---|---|
拨打电话Call to phone | 拨打自动语音电话。Places an automated voice call. 用户接听电话,并按电话键盘上的 # 进行身份验证。The user answers the call and presses # in the phone keypad to authenticate. 此电话号码不会同步到本地 Active Directory。The phone number is not synchronized to on-premises Active Directory. |
向手机发送短信Text message to phone | 发送包含验证码的短信。Sends a text message that contains a verification code. 系统会提示用户在登录界面中输入验证代码。The user is prompted to enter the verification code into the sign-in interface. 此过程称为单向短信。This process is called one-way SMS. 双向短信意味着用户必须短信回复一个特定代码。Two-way SMS means that the user must text back a particular code. 已弃用双向短信,2018 年 11 月 14 日后不再受到支持。Two-way SMS is deprecated and not supported after November 14, 2018. 届时,配置为使用双向短信的用户会自动切换到“电话呼叫”验证。Users who are configured for two-way SMS are automatically switched to call to phone verification at that time. |
通过移动应用发送通知Notification through mobile app | 向手机或已注册设备发送推送通知。Sends a push notification to your phone or registered device. 用户将查看通知并选择验证来完成验证。The user views the notification and selects Verify to complete verification. Microsoft Authenticator 应用可用于 Windows Phone、Android 和 iOS。The Microsoft Authenticator app is available for Windows Phone, Android, and iOS. |
通过移动应用发送验证码Verification code from mobile app | Microsoft Authenticator 应用每隔 30 秒会生成一个新的 OATH 验证码。The Microsoft Authenticator app generates a new OATH verification code every 30 seconds. 用户将此验证码输入到登录界面中。The user enters the verification code into the sign-in interface. Microsoft Authenticator 应用可用于 Windows Phone、Android 和 iOS。The Microsoft Authenticator app is available for Windows Phone, Android, and iOS. |
启用和禁用可选择验证方法Enable and disable verification methods
登录到 Azure 门户。Sign in to the Azure portal.
在左侧,选择“Azure Active Directory” > “用户和组” > “所有用户”。On the left, select Azure Active Directory > Users and groups > All users.
选择“多重身份验证”。Select Multi-Factor Authentication.
在“多重身份验证”下,选择“服务设置”。Under Multi-Factor Authentication, select service settings.
在“服务设置”页上的“验证选项”下,选择/取消选择要向用户提供的方法。On the Service Settings page, under verification options, select/unselect the methods to provide to your users.
单击“ 保存”。Click Save.