配置 Azure 多重身份验证设置Configure Azure Multi-Factor Authentication settings

在启动并运行 Azure 多重身份验证后,可以参考本文进行管理。This article helps you to manage Azure Multi-Factor Authentication now that you're up and running. 本文涵盖了各种主题,可帮助你充分利用 Azure 多重身份验证。It covers various topics that help you to get the most out of Azure Multi-Factor Authentication. 并非所有版本的 Azure 多重身份验证都提供所有这些功能。Not all of the features are available in every version of Azure Multi-Factor Authentication.

FeatureFeature 说明Description
可选择验证方法Selectable verification methods 可以通过此功能选择可供用户使用的身份验证方法的列表。Use this feature to select the list of authentication methods that users are able to use.

可选验证方法Selectable verification methods

可使用“可选择验证方法”功能,选择用户可使用的验证方法。You can choose the verification methods that are available for your users by using the selectable verification methods feature. 下表提供了这些方法的简要概述。The following table provides a brief overview of the methods.

用户为其帐户注册 Azure 多重身份验证时,可从你启用的选项中选择其首选验证方法。When your users enroll their accounts for Azure Multi-Factor Authentication, they choose their preferred verification method from the options that you have enabled. 为我的帐户设置双重验证帐户中提供了用户注册过程指导。Guidance for the user enrollment process is provided in Set up my account for two-step verification.

方法Method 说明Description
拨打电话Call to phone 拨打自动语音电话。Places an automated voice call. 用户接听电话,并按电话键盘上的 # 进行身份验证。The user answers the call and presses # in the phone keypad to authenticate. 此电话号码不会同步到本地 Active Directory。The phone number is not synchronized to on-premises Active Directory.
向手机发送短信Text message to phone 发送包含验证码的短信。Sends a text message that contains a verification code. 系统会提示用户在登录界面中输入验证代码。The user is prompted to enter the verification code into the sign-in interface. 此过程称为单向短信。This process is called one-way SMS. 双向短信意味着用户必须短信回复一个特定代码。Two-way SMS means that the user must text back a particular code. 已弃用双向短信,2018 年 11 月 14 日后不再受到支持。Two-way SMS is deprecated and not supported after November 14, 2018. 届时,配置为使用双向短信的用户会自动切换到“电话呼叫”验证。Users who are configured for two-way SMS are automatically switched to call to phone verification at that time.
通过移动应用发送通知Notification through mobile app 向手机或已注册设备发送推送通知。Sends a push notification to your phone or registered device. 用户将查看通知并选择验证来完成验证。The user views the notification and selects Verify to complete verification. Microsoft Authenticator 应用可用于 Windows PhoneAndroidiOSThe Microsoft Authenticator app is available for Windows Phone, Android, and iOS.
通过移动应用发送验证码Verification code from mobile app Microsoft Authenticator 应用每隔 30 秒会生成一个新的 OATH 验证码。The Microsoft Authenticator app generates a new OATH verification code every 30 seconds. 用户将此验证码输入到登录界面中。The user enters the verification code into the sign-in interface. Microsoft Authenticator 应用可用于 Windows PhoneAndroidiOSThe Microsoft Authenticator app is available for Windows Phone, Android, and iOS.

启用和禁用可选择验证方法Enable and disable verification methods

  1. 登录到 Azure 门户Sign in to the Azure portal.

  2. 在左侧,选择“Azure Active Directory” > “用户和组” > “所有用户”。On the left, select Azure Active Directory > Users and groups > All users.

  3. 选择“多重身份验证”。Select Multi-Factor Authentication.

  4. 在“多重身份验证”下,选择“服务设置”。Under Multi-Factor Authentication, select service settings.

  5. 在“服务设置”页上的“验证选项”下,选择/取消选择要向用户提供的方法。On the Service Settings page, under verification options, select/unselect the methods to provide to your users.

    选择验证方法

  6. 单击“ 保存”。Click Save.