Merge pull request #190201 from MicrosoftDocs/main

3/01 PM Publish

Author: huypub

articles/active-directory-b2c/TOC.yml

@@ -331,6 +331,8 @@
         displayName: TOTP, time-based-one-time password, time-based one-time password, authenticator app, Microsoft authenticator app, mfa, 2fa
       - name: Partner integration
         items:
+        - name: Transmit Security
+          href: partner-bindid.md
         - name: BlokSec
           href: partner-bloksec.md
         - name: Haventec

articles/active-directory-b2c/media/partner-bindid/partner-bindid-architecture-diagram.png

@@ -41,6 +41,7 @@ Microsoft partners with the following ISVs for MFA and Passwordless authenticati
 
 | ISV partner | Description and integration walkthroughs |
 |:-------------------------|:--------------|
+|![Screenshot of a bindid logo](./media/partner-gallery/bindid-logo.png) | [Transmit Security's](./partner-bindid.md) solution BindID is a passwordless authentication service that uses strong FIDO2 biometric authentication for a reliable omni-channel authentication experience, which ensures a smooth login experience for customers across every device and channel eliminating fraud, phishing, and credential reuse. |
 | ![Screenshot of a bloksec logo](./media/partner-gallery/bloksec-logo.png) | [BlokSec](./partner-bloksec.md) is a passwordless authentication and tokenless MFA solution, which provides real-time consent-based services and protects customers against identity-centric cyber-attacks such as password stuffing, phishing, and man-in-the-middle attacks. |
 | ![Screenshot of a haventec logo](./media/partner-gallery/haventec-logo.png) | [Haventec](./partner-haventec.md) is a passwordless authentication provider, which provides decentralized identity platform that eliminates passwords, shared secrets, and friction. |
 | ![Screenshot of a hypr logo](./media/partner-gallery/hypr-logo.png) | [Hypr](./partner-hypr.md) is a passwordless authentication provider, which replaces passwords with public key encryptions eliminating fraud, phishing, and credential reuse. |

articles/active-directory-b2c/media/partner-gallery/bindid-logo.png

@@ -6,12 +6,12 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 02/16/2022
+ms.date: 03/1/2022
 
 ms.author: justinha
 author: justinha
 manager: karenhoran
-ms.reviewer: rhicock
+ms.reviewer: tilarso
 
 ms.collection: M365-identity-device-management
 ---
@@ -21,6 +21,7 @@ Before combined registration, users registered authentication methods for Azure
 
 > [!NOTE]
 > Starting on August 15th 2020, all new Azure AD tenants will be automatically enabled for combined registration. 
+> After Sept. 30th, 2022, all existing Azure AD tenants will be automatically enabled for combined registration. After this date tenants will be unable to utilize the sepperate legacy registration workflows for MFA and SSPR.
 
 This article outlines what combined security registration is. To get started with combined security registration, see the following article:
 

articles/active-directory-b2c/partner-bindid.md

@@ -156,6 +156,10 @@ A major step in every multifactor authentication deployment is getting users reg
 
 ### Combined registration for SSPR and Azure AD MFA
 
+> [!NOTE]
+> Starting on August 15th 2020, all new Azure AD tenants will be automatically enabled for combined registration. Tenants created after this date will be unable to utilize the legacy registration workflows.
+> After Sept. 30th, 2022, all existing Azure AD tenants will be automatically enabled for combined registration. After this date tenants will be unable to disable the combined registration experience.
+
 We recommend that organizations use the [combined registration experience for Azure AD Multi-Factor Authentication and self-service password reset (SSPR)](howto-registration-mfa-sspr-combined.md). SSPR allows users to reset their password in a secure way using the same methods they use for Azure AD Multi-Factor Authentication. Combined registration is a single step for end users. To make sure you understand the functionality and end-user experience, see the [Combined security information registration concepts](concept-registration-mfa-sspr-combined.md).
 
 It's critical to inform users about upcoming changes, registration requirements, and any necessary user actions. We provide [communication templates](https://aka.ms/mfatemplates) and [user documentation](https://support.microsoft.com/account-billing/set-up-security-info-from-a-sign-in-page-28180870-c256-4ebf-8bd7-5335571bf9a8) to prepare your users for the new experience and help to ensure a successful rollout. Send users to https://myprofile.microsoft.com to register by selecting the **Security Info** link on that page.

articles/active-directory-b2c/partner-gallery.md

@@ -6,12 +6,12 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: how-to
-ms.date: 06/28/2021
+ms.date: 03/1/2022
 
 ms.author: justinha
 author: justinha
 manager: karenhoran
-ms.reviewer: rhicock
+ms.reviewer: tilarso
 
 ms.collection: M365-identity-device-management
 ---
@@ -21,6 +21,7 @@ Before combined registration, users registered authentication methods for Azure
 
 > [!NOTE]
 > Starting on August 15th 2020, all new Azure AD tenants will be automatically enabled for combined registration. Tenants created after this date will be unable to utilize the legacy registration workflows.
+> After Sept. 30th, 2022, all existing Azure AD tenants will be automatically enabled for combined registration. After this date tenants will be unable to utilize the sepperate legacy registration workflows for MFA and SSPR.
 
 To make sure you understand the functionality and effects before you enable the new experience, see the [Combined security information registration concepts](concept-registration-mfa-sspr-combined.md).
 

articles/active-directory/authentication/concept-registration-mfa-sspr-combined.md

@@ -110,6 +110,10 @@ Before deploying SSPR, you may opt to determine the number and the average cost
 
 ### Combined registration for SSPR and Azure AD Multi-Factor Authentication
 
+> [!NOTE]
+> Starting on August 15th 2020, all new Azure AD tenants will be automatically enabled for combined registration. Tenants created after this date will be unable to utilize the legacy registration workflows.
+> After Sept. 30th, 2022, all existing Azure AD tenants will be automatically enabled for combined registration. After this date tenants will be unable to disable the combined registration experience.
+
 We recommend that organizations use the [combined registration experience for Azure AD Multi-Factor Authentication and self-service password reset (SSPR)](howto-registration-mfa-sspr-combined.md). SSPR allows users to reset their password in a secure way using the same methods they use for Azure AD Multi-Factor Authentication. Combined registration is a single step for end users. To make sure you understand the functionality and end-user experience, see the [Combined security information registration concepts](concept-registration-mfa-sspr-combined.md).
 
 It's critical to inform users about upcoming changes, registration requirements, and any necessary user actions. We provide [communication templates](https://aka.ms/mfatemplates) and [user documentation](https://support.microsoft.com/account-billing/set-up-security-info-from-a-sign-in-page-28180870-c256-4ebf-8bd7-5335571bf9a8) to prepare your users for the new experience and help to ensure a successful rollout. Send users to https://myprofile.microsoft.com to register by selecting the **Security Info** link on that page.

articles/active-directory/authentication/howto-mfa-getstarted.md

@@ -27,79 +27,79 @@ This article describes how you can add and remove roles and tasks for Microsoft
 ## View permissions
 
 1. On the CloudKnox home page, select the **Remediation** tab, and then select the **Permissions** subtab.
-1. From the **Select an authorization system type** dropdown, select **Azure** or **GCP**.
-1. From the **Select an authorization system** dropdown, select the accounts you want to access.
-1. From the **Search for** dropdown, select **Group**, **User**, or **APP**.
-1. To search for more parameters, you can make a selection from the **User States**, **Privilege Creep Index**, and **Task usage** dropdowns.
+1. From the **Authorization System Type** dropdown, select **Azure** or **GCP**.
+1. From the **Authorization System** dropdown, select the accounts you want to access.
+1. From the **Search For** dropdown, select **Group**, **User**, or **APP**.
+1. To search for more parameters, you can make a selection from the **User States**, **Permission Creep Index**, and **Task Usage** dropdowns.
 1. Select **Apply**.
     CloudKnox displays a list of groups, users, and service accounts that match your criteria.
 1. In **Enter a username**, enter or select a user.
-1. In **Enter a group name**, enter or select a group, then select **Apply**.
+1. In **Enter a Group Name**, enter or select a group, then select **Apply**.
 1. Make a selection from the results list.
 
-    The table displays the **Username** **Domain/Account**, **Source**, **Resource** and **Current role**.
+    The table displays the **Username** **Domain/Account**, **Source**, **Resource** and **Current Role**.
 
 
 ## Add a role
 
 1. On the CloudKnox home page, select the **Remediation** tab, and then select the **Permissions** subtab.
-1. From the **Select an authorization system type** dropdown, select **Azure** or **GCP**.
-1. From the **Select an authorization system** dropdown, select the accounts you want to access.
-1. From the **Search for** dropdown, select **Group**, **User**, or **APP**, and then select **Apply**.
+1. From the **Authorization System Type** dropdown, select **Azure** or **GCP**.
+1. From the **Authorization System** dropdown, select the accounts you want to access.
+1. From the **Search For** dropdown, select **Group**, **User**, or **APP/Service Account**, and then select **Apply**.
 1. Make a selection from the results list.
 
 1. To attach a role, select **Add role**.
-1. In the **Add role** page, from the **Available roles** list, select the plus sign **(+)** to move the role to the **Selected roles** list. 
+1. In the **Add Role** page, from the **Available Roles** list, select the plus sign **(+)** to move the role to the **Selected Roles** list. 
 1. When you have finished adding roles, select **Submit**.
-1. When the following message displays: **Are you sure you want to change permissions?**, select: 
+1. When the following message displays: **Are you sure you want to change permission?**, select: 
     - **Generate Script** to generate a script where you can manually add/remove the permissions you selected.
     - **Execute** to change the permission.
     - **Close** to cancel the action.
 
 ## Remove a role
 
 1. On the CloudKnox home page, select the **Remediation** tab, and then select the **Permissions** subtab.
-1. From the **Select an authorization system type** dropdown, select **Azure** or **GCP**.
-1. From the **Select an authorization system** dropdown, select the accounts you want to access.
-1. From the **Search for** dropdown, select **Group**, **User**, or **APP**, and then select **Apply**.
+1. From the **Authorization System Type** dropdown, select **Azure** or **GCP**.
+1. From the **Authorization System** dropdown, select the accounts you want to access.
+1. From the **Search For** dropdown, select **Group**, **User**, or **APP/Service Account**, and then select **Apply**.
 1. Make a selection from the results list.
 
-1. To remove a role, select **Remove role**.
-1. In the **Remove role** page, from the **Available roles** list, select the plus sign **(+)** to move the role to the **Selected roles** list. 
+1. To remove a role, select **Remove Role**.
+1. In the **Remove Role** page, from the **Available Roles** list, select the plus sign **(+)** to move the role to the **Selected Roles** list. 
 1. When you have finished selecting roles, select **Submit**.
-1. When the following message displays: **Are you sure you want to change permissions?**, select: 
+1. When the following message displays: **Are you sure you want to change permission?**, select: 
     - **Generate Script** to generate a script where you can manually add/remove the permissions you selected.
     - **Execute** to change the permission.
     - **Close** to cancel the action.
 
 ## Add a task
 
 1. On the CloudKnox home page, select the **Remediation** tab, and then select the **Permissions** subtab.
-1. From the **Select an authorization system type** dropdown, select **Azure** or **GCP**.
-1. From the **Select an authorization system** dropdown, select the accounts you want to access.
-1. From the **Search for** dropdown, select **Group**, **User**, or **APP**, and then select **Apply**.
+1. From the **Authorization System Type** dropdown, select **Azure** or **GCP**.
+1. From the **Authorization System** dropdown, select the accounts you want to access.
+1. From the **Search For** dropdown, select **Group**, **User**, or **APP/Service Account**, and then select **Apply**.
 1. Make a selection from the results list.
 
-1. To attach a role, select **Add tasks**.
-1. In the **Add tasks** page, from the **Available tasks** list, select the plus sign **(+)** to move the task to the **Selected tasks** list. 
+1. To attach a role, select **Add Tasks**.
+1. In the **Add Tasks** page, from the **Available Tasks** list, select the plus sign **(+)** to move the task to the **Selected Tasks** list. 
 1. When you have finished adding tasks, select **Submit**.
-1. When the following message displays: **Are you sure you want to change permissions?**, select: 
+1. When the following message displays: **Are you sure you want to change permission?**, select: 
     - **Generate Script** to generate a script where you can manually add/remove the permissions you selected.
     - **Execute** to change the permission.
     - **Close** to cancel the action.
 
 ## Remove a task
 
 1. On the CloudKnox home page, select the **Remediation** tab, and then select the **Permissions** subtab.
-1. From the **Select an authorization system type** dropdown, select **Azure** or **GCP**.
-1. From the **Select an authorization system** dropdown, select the accounts you want to access.
-1. From the **Search for** dropdown, select **Group**, **User**, or **APP**, and then select **Apply**.
+1. From the **Authorization System Type** dropdown, select **Azure** or **GCP**.
+1. From the **Authorization System** dropdown, select the accounts you want to access.
+1. From the **Search For** dropdown, select **Group**, **User**, or **APP/Service Account**, and then select **Apply**.
 1. Make a selection from the results list.
 
-1. To remove a task, select **Remove tasks**.
-1. In the **Remove tasks** page, from the **Available tasks** list, select the plus sign **(+)** to move the task to the **Selected tasks** list. 
+1. To remove a task, select **Remove Tasks**.
+1. In the **Remove Tasks** page, from the **Available Tasks** list, select the plus sign **(+)** to move the task to the **Selected Tasks** list. 
 1. When you have finished selecting tasks, select **Submit**.
-1. When the following message displays: **Are you sure you want to change permissions?**, select: 
+1. When the following message displays: **Are you sure you want to change permission?**, select: 
     - **Generate Script** to generate a script where you can manually add/remove the permissions you selected.
     - **Execute** to change the permission.
     - **Close** to cancel the action.