Merge pull request #231365 from Justinha/sys-mfa-2

v-regandowner · web-flow · commit e3e12326d6fd · 2023-03-20T13:12:54.000-04:00
added links to methods and revised list
diff --git a/articles/active-directory/authentication/concept-system-preferred-multifactor-authentication.md b/articles/active-directory/authentication/concept-system-preferred-multifactor-authentication.md
@@ -4,7 +4,7 @@ description: Learn how to use system-preferred multifactor authentication
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 03/16/2023
+ms.date: 03/20/2023
 ms.author: justinha
 author: justinha
 manager: amycolannino
@@ -94,25 +94,17 @@ Content-Type: application/json
 
 ### How does system-preferred MFA determine the most secure method?
 
-When a user signs in, the authentication process checks which authentication methods are registered for the user. The user is prompted to sign-in with the most secure method according to the following order. The order of authentication methods is dynamic. It's updated as the security landscape changes, and as better authentication methods emerge.
-
-1. Temporary Access Pass
-1. Certificate-based authentication
-1. FIDO2 security key
-1. Microsoft Authenticator notification
-1. Companion app notification
-1. Microsoft Authenticator time-based one-time password (TOTP)
-1. Companion app TOTP
-1. Hardware token based TOTP
-1. Software token based TOTP
-1. SMS over mobile
-1. OnewayVoiceMobileOTP
-1. OnewayVoiceAlternateMobileOTP
-1. OnewayVoiceOfficeOTP
-1. TwowayVoiceMobile
-1. TwowayVoiceAlternateMobile
-1. TwowayVoiceOffice
-1. TwowaySMSOverMobile
+When a user signs in, the authentication process checks which authentication methods are registered for the user. The user is prompted to sign-in with the most secure method according to the following order. The order of authentication methods is dynamic. It's updated as the security landscape changes, and as better authentication methods emerge. Click the link for information about each method.
+
+1. [Temporary Access Pass](howto-authentication-temporary-access-pass.md)
+1. [Certificate-based authentication](concept-certificate-based-authentication.md)
+1. [FIDO2 security key](concept-authentication-passwordless.md#fido2-security-keys)
+1. [Time-based one-time password (TOTP)](concept-authentication-oath-tokens.md)<sup>1</sup>
+1. [Telephony](concept-authentication-phone-options.md)<sup>2</sup>
+
+<sup>1</sup> Includes hardware or software TOTP from Microsoft Authenticator, Authenticator Lite, or third-party applications.
+<sup>2</sup> Includes SMS and voice calls.
+
 
 ### How does system-preferred MFA affect AD FS or NPS extension?
 
