Microsoft is making advanced Authenticator features generally available that give IT admins more control over accidental approvals and better management with a new Admin user interface and APIs.
According to Microsoft, the new admin features are designed to help protect against multifactor authentication (MFA) fatigue attacks. The company says it will automatically enable critical security features to tackle shifting threat vectors, including number matching for all Authenticator users.
The company says number matching in Microsoft Authenticator helps prevent accidental approvals and defend against MFA attacks by allowing admins to require users to enter the number displayed on the sign-in screen when approving an MFA request in Authenticator.
In Tech Community blog, Microsoft gives an example of the Authenticator app prompting the user if it was them trying to sign in and requiring them to enter a number.
Also new in Authenticator is the ability to reduce accidental approvals by showing users additional context in notifications, such as the app trying to be accessed and the sign-in location.
The new features also include a refreshed admin user interface and APIs to help IT professionals better manage their end users, including a new “Configure” tab that allows admins to enable or disable different features. The app also now includes the ability to exclude groups from features to assist with smoother feature rollouts.
Microsoft says admins can use Registration Campaigns to deploy the Authenticator app within their organization with the new security upgrades.
In addition, Authenticator on iOS now uses App Transport Security to improve the privacy and data integrity between Authenticator and web services. Microsoft says this is now enable for every user and does not impact how the app is used.
Android users can also now search their accounts and searching on iOS will roll out soon, according to Microsoft.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply