The latest enhancements in Microsoft Authenticator

by info.odysseyx@gmail.com, October 22, 2024

Hello everyone,

We're excited to announce three key Microsoft Entra ID improvements to help protect your users with phishing-resistant authentication:

- Public preview refresh: Support for device-bound passkeys in Microsoft Authenticator
- Public preview: Support for FIDO2 security keys in native brokered applications, such as Outlook and Teams, on Android 14
- General availability: FIPS compliance for Microsoft Authenticator on Android

These developments are critical not only for compliance with United States Executive Order 14028 on Improving the Nation's Cybersecurity, but also for protecting all organizations and users who rely on secure digital identities. Let's dig deeper!

Public Preview Refresh: Support for Device-Bound Passkeys in Microsoft Authenticator

On World Password Day last May, we announced the public preview of device-bound passkey support in Microsoft Authenticator for iOS and Android, tailored for organizations with higher security assurance requirements. Now we've revamped it with some exciting new features!

During public preview, we received valuable feedback from customers that the passkey registration experience was cumbersome and error-prone. Some users took up to 19 steps to register on their laptops, missed essential prerequisites like enabling Bluetooth on their devices, or accidentally set up their passkey through an unsupported provider. Based on this feedback, we have improved the registration flow to provide a more tailored experience that helps users register their passkeys successfully. We also optimized the registration process by first directing users to sign in to the Authenticator app. This approach provides a seamless experience, guiding users through prerequisites while significantly reducing context switching between devices.

In addition to improving the user experience, we've also strengthened our security posture by introducing attestation support. When configured, it leverages Android and iOS APIs to verify the legitimacy of the Microsoft Authenticator app on the user's device before registering the passkey.

Figure 1: Passkey in Microsoft Authenticator

Both of these features are currently in preview. We encourage you to try them out in your organization and share your feedback as we prepare for our upcoming general availability. To get started, see the documentation. To learn more about passkey support for Microsoft Entra ID, read the original announcement, "Public Preview: Expands passkey support in Microsoft Entra ID."

Public Preview: Brokered Passkey (FIDO2) Authentication for Microsoft Applications on Android

Along with the public preview refresh of passkey support in Microsoft Authenticator, we are also introducing public preview support for passkey (FIDO2) authentication within brokered Microsoft applications on Android. Users can now sign in to Microsoft apps like Teams and Outlook using a FIDO2 security key or a passkey in the Microsoft Authenticator app, provided that the Microsoft Authenticator app or the Microsoft Intune Company Portal app is installed as the authentication broker on a device running Android 14 or later.

Support for FIDO2 security key sign-in for brokered Microsoft apps on Android 13 will be available next month.

General Availability: FIPS Compliance for Microsoft Authenticator on Android

Microsoft Authenticator on iOS and Android is now FIPS 140 compliant. While the iOS Authenticator app has been FIPS 140 compliant since December 2022, we released a FIPS 140-compliant version of the Android Authenticator app in September 2024.

FIPS 140 compliance for Microsoft Authenticator helps federal agencies meet the requirements of Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," and helps medical institutions with Electronic Prescription for Controlled Substances (EPCS).

All authentication for Microsoft Entra ID using Authenticator, including passkeys, passwordless phone sign-in, multi-factor authentication (MFA), and one-time passcodes, is considered FIPS compliant. No configuration changes are required in Microsoft Authenticator or the Microsoft Entra ID admin centers to enable this feature. On Android, Microsoft Authenticator version 6.2408.5807 and later is FIPS 140 compliant for Microsoft Entra ID authentication by default.

Microsoft Authenticator on Android uses WolfSSL Inc.'s WolfCrypt module to achieve FIPS 140-3 Level 1 compliance. For more information about the certification used, see the Cryptographic Module Validation Program information.

This release significantly improves the user experience and security posture of Microsoft Authenticator, making it easier to achieve your phishing-resistance goals. If you haven't yet considered phishing-resistant authentication, we highly recommend that you do so. The updated Passwordless Deployment Guide is available to help you begin this journey.

We look forward to you trying these improvements and sharing your feedback.

Thank you,
Nitika Gupta

Learn more about Microsoft Entra

Prevent identity attacks, ensure least-privileged access, unify access control, and improve user experience with comprehensive identity and network access solutions across on-premises and cloud.