Glossary
Authentication Method
A way to prove identity in Entra ID — password, Authenticator app, FIDO2 key, passkey, Windows Hello, certificate.
An authentication method in Microsoft Entra ID is a way users prove their identity during sign-in. Microsoft supports multiple methods: password, Microsoft Authenticator (push, OTP, or passwordless), FIDO2 security key, passkey, Windows Hello for Business, certificate-based authentication, temporary access pass (TAP), email OTP, SMS / voice call (discouraged). Configured tenant-wide in Entra admin center → Authentication methods → Policies — each method can be enabled, disabled, or scoped to specific groups, with parameters for that method. Replaces the older per-policy MFA configuration with a unified, granular framework. The single most important Entra ID security configuration.