eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Microsoft is consolidating its multi-factor authentication apps, offering both consumers and business users a unified, password-enhancing experience.
Multi-factor authentication, whether delivered via a mobile app, a text messaging service, dedicated dongle or other solution, helps protect organizations and users from easily hacked passwords and credentials that were gleaned from breaches, phishing emails and other attempts to gain entry into user accounts. Instead of relying solely on one password, multi-factor authentication schemes employ a second mechanism or service like a text message sent to a user’s phone to reduce the likelihood that an attacker can successfully access. Last month, a survey conducted by Mail.com revealed lax security password practices that may keep IT professionals up at night.
An estimated 20 percent of Americans use the same password across multiple services, making the jobs of cyber-criminals much easier. A third use birthdays and other easy-to-guess combinations of letters and/or numbers like “123456” as passwords.
To combat this, at least in terms of the company’s own services, Alex Simons, director of program management at Microsoft’s Identity Division, announced that on Aug. 15, the company will be releasing a new Authenticator app that reaches across both the enterprise and consumer segments of the software giant’s customer base.
“This new app combines the best parts of our previous authenticator apps into a new app that works with both Microsoft accounts and Azure AD accounts,” Simons said in a July 25 announcement. “As many of you know, we’ve had separate authenticator apps for Microsoft accounts and Azure AD for quite a while—the Azure Authenticator for enterprise customers and the Microsoft account app for consumers. With the new Microsoft Authenticator, we’ve combined the best of both into a single app that supports enterprise and consumer scenarios.”
The app will sport a new, more streamlined interface. One-click push notifications allow users to authorize access attempts quickly on their mobile devices without opening the app or on their wearable devices with a simple tap.
Speaking of wearables, Simons signaled that the app will support Apple Watch and Samsung Gear smartwatches.
Microsoft Authenticator is also embracing biometrics, allowing device owners to use the fingerprint readers on Apple iPhones and compatible Android devices to log in. Finally, in a nod to enterprise customers, the app will feature support for certificates, eliminating the need for passwords.
The application will be delivered as an update to the existing Azure Authenticator app while a notification will encourage Android users to perform the upgrade. And Microsoft is coming up with more functionality, said Simons.
“Now that we’ve finished consolidating into a single code base, we’re expecting to deliver new improvements at a very rapid pace. So, stay on the lookout for this cool new app, and let us know what you think. If you are an enterprise customer, this is a great time to start updating your documentation to direct employees to the new app,” he said.
