New Microsoft Authenticator features for organizations
Microsoft announced four new features for the company's Microsoft Authenticator application for organizations. The new security features improve Microsoft Authenticator's capabilities in several meaningful ways.
Two feature additions improve the sign-in experience. The first, Additional context in Microsoft Authenticator approval requests, adds more information to the confirmation prompt. The feature uses the device's IP address to display location based information and a map. It will also display the application that is requesting access.
Administrators need to enable push notifications for some users or groups using the new Authentication Methods Policy API.
Administrators may combine the new security feature with number matching, yet another new feature that is available in public preview. Number matching requires users to enter a number in the Microsoft Authenticator application that is displayed on the sign-in screen.
Number matching can be enabled individually, or in combination with the extended context feature.
The third feature addition adds options to restrict access to "the boundaries of a specific country by using the GPS signal from the Microsoft Authenticator". Countries can be blocked using the device's IP address or GPS coordinates, which the Microsoft Authenticator application provides. Authentication is denied automatically if the phone is rooted or jailbroken.
The fourth and final new feature may be used to encourage users to enable two-factor authentication and the use of Microsoft Authenticator.
The third and fourth feature is already available.
Administrators may check out the following support pages for additional details:
- How to use number matching in multifactor authentication (MFA) notifications (Preview) - Authentication Methods Policy
- How to use additional context in multifactor authentication (MFA) notifications (Preview) - Authentication Methods Policy
- Using the location condition in a Conditional Access policy
Three of the four new security features would make good additions to Home editions of Microsoft's Authenticator application. It would probably not be difficult to add extra context to the confirmation prompts, enable the number matching experience, or country blocking.
Now You: do you use an authenticator application or 2-factor authentication?Advertisement