
The latest enhancements in Microsoft Authenticator

by info.odysseyx@gmail.com


Hello everyone,

We’re excited to announce three key Microsoft Entra ID improvements to help protect your users with anti-phishing authentication:

  • Public Preview Refresh: Support for device-bound passkeys in Microsoft Authenticator
  • Public Preview: Support for FIDO2 security keys in brokered native applications such as Outlook and Teams on Android 14
  • General Availability: FIPS compliance for Microsoft Authenticator on Android

These developments are critical not only for compliance with United States Executive Order 14028 on Improving the Nation’s Cybersecurity, but also for protecting all organizations and users who rely on secure digital identities. Let’s dig deeper!

Public Preview Refresh: Support for Device-Bound Passkeys in Microsoft Authenticator

On World Password Day last May, we announced the public preview of device-bound passkey support in Microsoft Authenticator for iOS and Android, tailored for organizations with higher security assurance requirements. Now we’ve revamped it with some exciting new features!

During public preview, we received valuable feedback from customers that the passkey registration experience was cumbersome and error-prone. Some users took up to 19 steps to register on their laptops, missed essential prerequisites like enabling Bluetooth on their devices, or accidentally set up their passkey through an unsupported provider. Based on this feedback, we have improved the registration flow to provide a more customized experience so that users can successfully register their passkeys. We also optimized the registration process by initially directing users to log into the Authenticator app. This approach provides a seamless experience, guiding users through prerequisites while significantly reducing context switching between devices.

In addition to improving the user experience, we’ve also strengthened our security posture by introducing attestation support. When configured, it leverages Android and iOS APIs to verify the legitimacy of the Microsoft Authenticator app on the user’s device before registering the passkey.

Figure 1: Passkey in Microsoft Authenticator

Both of these features are currently in preview. We encourage you to try out these features in your organization and share your feedback as we prepare for our upcoming general availability.

To get started, see the documentation. To learn more about passkey support for Microsoft Entra ID, please read the original announcement, Public Preview: Expands passkey support in Microsoft Entra ID.

Public Preview: Passkey (FIDO2) Authentication in Brokered Microsoft Applications on Android

Along with the public preview refresh of Microsoft Authenticator’s passkey support, we are also introducing public preview support for passkey (FIDO2) authentication within brokered Microsoft applications on Android. Users can now sign in to Microsoft apps like Teams and Outlook using a FIDO2 security key or a passkey in the Microsoft Authenticator app if the Microsoft Authenticator app or the Microsoft Intune Company Portal app is installed as the authentication broker on a device running Android 14 or later.

Support for FIDO2 security key sign-in for brokered Microsoft apps in Android 13 will be available next month.

General Availability: FIPS Compliance for Microsoft Authenticator on Android

Microsoft Authenticator on iOS and Android is now FIPS 140 compliant. While the iOS Authenticator app has been FIPS 140 compliant since December 2022, we released a FIPS 140-compliant version of the Android Authenticator app in September 2024.

FIPS 140 compliance for Microsoft Authenticator helps federal agencies meet the requirements of Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” and helps medical institutions with Electronic Prescription for Controlled Substances (EPCS).

All authentication for Microsoft Entra ID using Authenticator, including passkeys, passwordless phone sign-in, multi-factor authentication (MFA), and one-time passcodes, is considered FIPS compliant. No configuration changes are required in Microsoft Authenticator or the Microsoft Entra admin center to enable this feature. On Android, Microsoft Authenticator version 6.2408.5807 and later is FIPS 140 compliant for Microsoft Entra ID authentication by default.

Microsoft Authenticator on Android uses wolfSSL Inc.’s wolfCrypt module to achieve FIPS 140-3 Level 1 compliance. For more information about the certification used, see the Cryptographic Module Validation Program information.

This release significantly improves the user experience and security posture of Microsoft Authenticator, making it easier to achieve your anti-phishing goals. If you haven’t already considered anti-phishing authentication, we highly recommend that you do so. The updated Passwordless Deployment Guide is available to begin this journey.

We look forward to you trying these improvements and sharing your feedback.

Thank you,

Nitika Gupta

Learn more about Microsoft Entra

Prevent identity attacks, ensure least-privileged access, unify access control, and improve user experience with comprehensive identity and network access solutions across on-premises and cloud.




