Update nist-authenticator-assurance-level-1.md

janicericketts · web-flow · commit fc53437ad7cf · 2022-12-07T11:46:44.000-05:00
Revisiting an update that had not gone through to address a GitHub clarification issue regarding what is covered in NIST levels.
diff --git a/articles/active-directory/standards/nist-authenticator-assurance-level-1.md b/articles/active-directory/standards/nist-authenticator-assurance-level-1.md
@@ -27,7 +27,7 @@ Before you attempt to achieve authenticator assurance level 1 (AAL1), you might
 
 ## Permitted authenticator types
 
- To achieve AAL1, you can use any NIST single-factor or multifactor [permitted authenticator](nist-authenticator-types.md). The following table contains those not covered in [AAL2](nist-authenticator-assurance-level-2.md) and [AAL3](nist-authenticator-assurance-level-2.md).
+ To achieve AAL1, you can use any NIST single-factor or multifactor [permitted authenticator](nist-authenticator-types.md). Note that Password and Phone (SMS) are not covered in [AAL2](nist-authenticator-assurance-level-2.md) or [AAL3](nist-authenticator-assurance-level-2.md).
 
 | Azure AD authentication method| NIST authenticator type |
 | - | - |
