Tag Archives: 2FA

Use FIDO2 passwordless authentication with Azure AD

January 17, 2022 · by · in Azure, Azure AD · 3 Comments

This article shows how to implement FIDO2 passwordless authentication with Azure AD for users in an Azure tenant. FIDO2 provides one of the best user authentication methods and is a more secure authentication compared with other account authentication implementations such authenticator apps, SMS, email, password alone or SSI authentication. FIDO2 authentication protects against phishing. To […]

The authentication pyramid

March 17, 2021 · by · in Security · 6 Comments

This article looks at the authentication pyramid for signing into different applications. I only compare flows which have user interaction and only compare the 2FA, MFA differences. A lot of incorrect and aggressive marketing from large companies are blurring out the differences so that they can sell their products and so on. When you as […]

Send MFA signin requirement to OpenID Connect server using ASP.NET Core Identity and IdentityServer4

December 18, 2019 · by · in .NET Core, ASP.NET Core, dotnet, MVC, OAuth2, Security, Web · 3 Comments

This post adds the custom ASP.NET Core Identity, IdentityServer4 logic to check for the “acr_values” and react if a client application requests MFA for authentication. The “acr_values” parameter is used to pass the mfa value from the client to the server in the authentication request. Code: https://github.com/damienbod/AspNetCoreHybridFlowWithApi Blogs in this series Force ASP.NET Core OpenID […]

ASP.NET Core Identity with FIDO2 WebAuthn MFA

August 6, 2019 · by · in .NET Core, ASP.NET Core, javascript, MVC, Security, Web · 3 Comments

This article shows how FIDO2 WebAuthn could be used as 2FA and integrated into an ASP.NET Core Identity application. The FIDO2 WebAuthn is implemented using the fido2-net-lib Nuget package, and demo code created by Anders Åberg. The application is implemented using ASP.NET Core 3.0 with Identity. For information about Fido2 and WebAuthn, please refer to […]

Implementing Two-factor authentication with IdentityServer4 and Twilio

July 14, 2017 · by · in .NET Core, MVC, OAuth2, Security, Uncategorized, Web · 14 Comments

This article shows how to implement two factor authentication using Twilio and IdentityServer4 using Identity. On the Microsoft’s Two-factor authentication with SMS documentation, Twilio and ASPSMS are promoted, but any SMS provider can be used. Code: https://github.com/damienbod/AspNetCoreID4External 2017-09-23 Updated to ASP.NET Core 2.0 Setting up Twilio Create an account and login to https://www.twilio.com/ Now create […]