Microsoft improves usability of two-factor authentication in Windows 11
Microsoft added a new usability feature to development builds of its Windows 11 operating system recently that improves two-factor authentication use on the operating system.
Two-factor authentication is a security feature that is used widely by apps, websites and services. It is an optional feature in most cases that adds a second verification step to the authentication process. When users sign-in to a site, app or service with their username and password, they are prompted to enter a second verification code to complete the process.
This new code, often a six digit number, is provided in a variety of ways. All of these have in common that the code is generated when it is requested. Some use email or SMS to send the codes to their customers, others ask customers to use authentication apps such as Authy, Microsoft Authenticator and many others instead. Apps offer the advantage of increased security. Neither email nor SMS are safe to use, as data is transmitted in clear text by default.
Two-factor authentication is an essential security feature, especially for high-value accounts. Passkeys and other advanced authentication options will likely replace two-factor authentication in the coming years as these systems offer even better security and privacy.
Windows 11: two-factor authentication improvements
Windows 11 users may install authentication apps on the device to generate these one-use codes for services and apps they use, but they may also receive codes via email or connected mobile devices.
All of these methods have in common that a code is displayed to the user that needs to be entered during the authentication process to access the app, service or site. If Disney+, Netflix or Amazon Prime are installed, these may be set up to require two-factor authentication.
Depending on the way the code is delivered, it may or may not be copied by the user to improve entering it.
Microsoft developed a new feature for Windows 11 that improves the usability of the process, at least for some use cases. Available in developer build 25252 currently, Windows 11 is capable of detecting authentication codes. The operating system displays the code, e.g., if received in the default Mail app, and displays it as a notification.
That is useful already, but Microsoft implemented an option to copy the code to the Clipboard. The new feature speeds up the process significantly. Previously, Windows 11 users had to bring the Mail app or the Authenticator app to the front, locate the code and copy it. Now, all it takes is a single click or tap on the "copy to clipboard" action displayed as part of the notification.
Microsoft admits that the new feature may sometimes fail to identify two-factor authentication codes. Testers are encouraged to provide Microsoft with details on issues that they experience when using the feature.
Microsoft has yet to announce when the feature will land in stable versions of Windows 11. It seems likely that it is going to be included in an update this year.
Now You: do you protect your accounts using two-factor authentication?Advertisement