As announced on July 25, today, Microsoft’s new Microsoft Authenticator app replaces both its Azure Authenticator and Microsoft Account app as the one easy-to-use app for all your multi-factor authentication needs.
Now, I’m not sure whether Microsoft will use the above slogan for the app, but to me it sums up what this new app offers.
Being involved in several Azure Multi-Factor Authentication projects, I’ve been deploying and using the Azure Authenticator app (and its predecessor, the Multi-Factor Auth app) to Windows Phone, iOS an Android-based devices in the past couple of years. Additionally, Dave looked at using the Microsoft Authenticator Windows Phone app with Google back in 2013. Yes, it was named the Microsoft Authenticator app, back in those days, too. That’s OK, because Nokia will soon be making mobile phones too and come full circle again, too…
People using the Azure Authenticator app on Windows Phone, iOS an Android-based devices, will be automatically upgraded to the new Microsoft Authenticator app, starting today. Existing accounts, already configured in existing Azure Authenticator installations will be upgraded automatically. Users of the Microsoft account app for Android will receive a prompt to download the new app.
One app for both Azure MFA and Microsoft Accounts
With the new Microsoft Authenticator, Microsoft combines multi-factor authentication for both Azure-based accounts (OrgIDs) and Microsoft Accounts (MSAs) into one app, that supports enterprise and consumer scenarios. Next to these two types of Microsoft accounts, the Microsoft Authenticator supports any service that works with OATH-based one-time passcodes, just as the old Azure Authenticator did (and the old Microsoft Authenticator before it) to allow you to use one app for all your Microsoft, Facebook and Google multi-factor authentication needs.
To make authentication as easy as possible, you only need to click the “approve” button in the push notification triggered by Microsoft Authenticator on your mobile device to complete the login. (And in most cases, you won’t even need to open the app to complete the approval.)
Support for wearables.
You can use an Apple Watch or Samsung Gear device to approve multi-factor authentication challenges.
Android Wear-based devices and Microsoft’s own band are currently not supported for this scenario.
Finger prints instead of passcodes
Microsoft added support for fingerprint-based approvals on both iPhones and Android-based devices.
Azure Multi-Factor Authentication allows organizations to require a PIN in addition to having possession of their registered device. With this new feature, iOS and Android users with devices supporting TouchID or Android 6.0+ Fingerprint Authentication, won’t need to enter the PIN anymore. Once set up, users just scan their fingerprint instead of entering PIN and tapping Approve.
The Microsoft Authenticator app, currently, does not support Microsoft Hello on Windows Phone-based mobile devices, like to Lumia 950.
The Microsoft Authenticator app adds support for enterprise customers to sign in through certificates instead of passwords using certificate-based authentication.
This way, supported Exchange ActiveSync mobile apps on iOS 9+ and Android L+-based devices can perform single sign-on (SSO) certificate-based authentication from the mobile device’s keychain to Exchange Online web-based resources, for both managed and federated Azure AD domains. In federated Azure AD domains, Office applications on iOS 9+ and Android L+ can perform certificate-based authentication against the federation server. The above features were announced in public preview and described in more detail on July 18. A detailed HowTo for deploying certificate-based authentication was posted on July 19.
Rapid Release Cycle
Microsoft is expecting to deliver new improvements at a very rapid pace.
Download and Install
Microsoft Authenticator | Google Play Store
Microsoft Authenticator | iTunes App Store
Microsoft Authenticator Beta | Windows Store
Microsoft Authenticator – Coming August 15th! Supports #AzureAD & Microsoft acct!
Microsoft to release all new Authenticator app for iOS, Android and Windows devices
Moving to the new Azure Authenticator app
ADFS: Certificate Authentication with Azure AD & Office 365
#AzureAD: Certificate based authentication for iOS and Android now in preview!
Microsoft Authenticator combines authenticator products, adds new features
Microsoft rolls out a new Authenticator app for Android and iOS, makes 2FA simpler
CodeChannels – Microsoft Authenticator
Microsoft Merges Its Authenticator Apps Into One, Adds One-Button Approval
Microsoft releases new Authenticator experience on Android
Microsoft Authenticator gets Google and Facebook account support
I have added my MS account to this app but I am not getting push notifications. I still have to copy and paste the code. I am on iOS. Is push notifications only supported for Azure AD accounts, or something?
Disappointed there is no provision for a Windows application for this, and RFC 6238 support doesn't seem easy to find/verify.