Microsoft updates many more enterprise security features for Authenticator

Microsoft just added some new features to the Microsoft Authenticator app. These updates will make the application more secure and easier to deploy in an enterprise environment.

Microsoft Authenticator is an authentication tool that helps users sign in to their accounts with 2FA (two-factor authentication, also known as two-step authentication), passwordless login, or password autofill.

According to Alex Simons, Corporate Vice President of Microsoft Identity Division Program Management, new features of Microsoft Authenticator include:

1. Admins can prevent accidental approvals in Microsoft Authenticator with additional context and number matching capabilities.
2. Administrators can set up GPS location-based Conditional Access policies using Microsoft Authenticator.
3. Admins can push their users to set up Microsoft Authenticator during sign-in using the Registration Campaign feature.

By enabling number matching in Microsoft Authenticator push notifications and additional context in requests, administrators improve the security of users in organizations. They can also use Conditional Access policies to restrict access to business resources to a specific geographic area with the help of Microsoft Authenticator GPS location information.

Last but not least, Microsoft is now able to push users who haven't set up Authenticator to install it and use it as a more secure alternative to SMS-based MFA authentication.

Besides upgrading Microsoft Authenticator, Microsoft is also promoting passwordless login method. In September, the company allowed users to log into Microsoft accounts without using a password.

Before that, in March, Microsoft also started letting business customers sign in without a password. In 2020, Microsoft testing showed that more than 150 million users signed in to Azure Active Directory and Microsoft accounts using passwordless methods.

Jessica Tanner

Update 22 November 2021