Microsoft has released a new update for its Authenticator app for iOS and Android, and the new bits bring new security features for enterprise users and IT admins. The company noted that some of these features are generally available while the rest are currently available in public preview.
Microsoft Authenticator has introduced a new number matching experience in push notifications to enhance user sign-in security and reduce accidental approvals. Once enabled, the feature prompts users to type the 2 digit code that appears on the sign-in screen in order to complete the approval request.
Additionally, the app can now provide additional context directly within mobile push notifications. When enabled, Microsoft Authenticator notifications will display app’s name as well as the sign-in location based on the IP address. This feature complements the number matching feature to help IT admins make the sign-in experience more secure for end-users.
For users in an organization that are already enabled for Microsoft Authenticator but have yet to set it up, this latest update also lets IT Admins run Registration Campaigns. The next time employees complete a multi-factor sign-in using less secure telephony methods, they will be prompted to set up Microsoft Authenticator, which will become their default authentication method going forward.
Last but not least, Microsoft has also introduced a new setting that lets IT Admins restrict resource access to employees residing within a specific geographical location. When enabled, the Microsoft Authenticator app now requires users to share their GPS location during the sign-in process.
These security improvements are currently rolling out to all enterprise customers, and the company is encouraging users to provide their feedback on the new Microsoft Azure Feedback portal. Earlier this month, Microsoft has also released a new logo and enterprise features for enterprise users, and you can find more details in our separate post.