Microsoft Authenticator Introduces Three Key Updates for Enhanced Secure Authentication
Microsoft has recently revealed significant updates to Microsoft Authenticator, which enhance its phishing-resistant, two-factor authentication capabilities.
Initially unveiled in May, the public preview of device-bound passkey support is available for Microsoft Authenticator on both iOS and Android platforms. Following user feedback on the complicated passkey registration process during this preview phase, Microsoft has streamlined the workflow. Now, users are directed to log into the Authenticator app, where Microsoft provides guidance on the necessary prerequisites.
Additionally, Microsoft has introduced attestation support to bolster security measures. When this feature is active, Microsoft utilizes Android and iOS APIs to confirm the authenticity of the Microsoft Authenticator app on the user’s device before the passkey can be registered. These enhancements are currently in preview, with a wider launch anticipated soon.
Moreover, Microsoft is launching public preview support for passkey (FIDO2) authentication in brokered Microsoft applications on Android. This allows users to sign into prominent enterprise Microsoft applications like Teams and Outlook using a FIDO2 security key or passkey via the Microsoft Authenticator app.
This functionality requires either the Microsoft Authenticator app or the Microsoft Intune Company Portal app to be set as the authentication broker on devices running Android 14 or higher. In the upcoming months, Microsoft plans to extend support for FIDO2 security key sign-in to Microsoft apps on Android 13.
Lastly, Microsoft has announced the introduction of a FIPS 140-compliant version of the Authenticator app for Android. Notably, the iOS version of the Authenticator app has met FIPS 140 compliance since late 2022. Users running Microsoft Authenticator version 6.2408.5807 or later on Android will have FIPS 140 compliance enabled by default for Microsoft Entra ID authentication, with no additional actions required from IT administrators. Support for FIDO2 security key sign-in in brokered applications on Android 13 will also be available in the near future.
With these advancements, Microsoft Authenticator remains a powerful and dependable solution for secure enterprise authentication globally, particularly for setups involving Entra ID.
Leave a Reply