Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft Authenticator gets new features to enhance security

3 min. read

Published onOctober 27, 2022

published onOctober 27, 2022

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Microsoft Authenticator is an account verification app that helps sign into your Microsoft account from any device using two-step verification. The application has evolved ever since it was launched, adding new capabilities like theauto-generation of stronger passwordsandautofill supportfor addresses and payment details.

As you might recall, back in August we reported on how attackers were using push-based MFA to spam users to bypass Microsoft’s multi-factor authentication. While there we some recommendations provided on how to avoid falling victim to such tricks, Microsoft is nowadding an extra layer of securityto further mitigate this issue through a couple of features that are now in general availability.

First up is Number matching in Microsoft Authenticator MFA experience which is in place to help users from making accidental approvals while simultaneously protecting them from MFA attacks by hackers. The feature once enabled by admins will call upon the users to enter the number displayed on the sign-in screen when approving an MFA request in Authenticator.

Building upon this premise, Microsoft will now provide users with additional context in Authenticator notifications on two counts. First, is the application being signed into, second up the users will get to know the sign-in location based on the IP address of the device they’re signing into.

What’s more, through the refreshed Admin UX and APIs admins will now have an easier time when it comes to the management of the Authenticator app features as they can now make use of the Configure tab in the Admin UX to enable/disable different features. Admins will additionally be able to exclude groups from features with the aim of providing a “smoother’ experience when it comes to feature rollouts. However, this will not apply to the number matching feature once it reaches general availability.

Microsoft further indicated that:

At the end of February 2023, we’ll enable number matching for all Authenticator users. We highly recommend that you leverage the rollout controls and deploy these exciting security upgrades to Microsoft Authenticator.

And finally, if you are using the Authenticator app on iOS the privacy and data integrity between Authenticator and web services will be improved significantly courtesy of App Transport Security (ATS). The feature is already enabled by default and will not impact your interaction with the app whatsoever. Furthermore, Android users can search for their accounts using Microsoft Authenticator. The same feature is set to roll out for iOS users soon.

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Radu Tyrsina