Microsoft has announced a major update for Microsoft Authenticator, allowing users to enjoy a phishing-resistant, two-factor authentication experience.
Back in May, Microsoft first announced the public preview of device-bound passkey support in Microsoft Authenticator for iOS and Android. During the preview phase, Microsoft received feedback about the cumbersome passkey registration process. Now, Microsoft has improved the passkey registration flow by directing users to sign in to the Authenticator app. Inside the app, Microsoft will guide users through prerequisites.
Microsoft has also added attestation support to improve security. When enabled, Microsoft will use Android and iOS APIs to verify the legitimacy of the Microsoft Authenticator app on the user"s device before registering the passkey. These two improvements are now in preview, and general availability can be expected soon.
Microsoft is also announcing public preview support for passkey (FIDO2) authentication within brokered Microsoft applications on Android. Users will be able to use a FIDO2 security key or passkey in the Microsoft Authenticator app to sign in to popular enterprise Microsoft apps, including Teams and Outlook.
This will work if either the Microsoft Authenticator app or the Microsoft Intune Company Portal app is installed as the authentication broker on an Android 14+ device. In the coming months, Microsoft will add support for FIDO2 security key sign-in to brokered Microsoft apps on Android 13.
Finally, Microsoft announced the FIPS 140-compliant version of the Android Authenticator app. It is important to note that the iOS Authenticator app has been FIPS 140-compliant since late 2022. If you use Microsoft Authenticator version 6.2408.5807 and higher on Android, it will be FIPS 140-compliant by default for Microsoft Entra ID authentication. No changes are required by IT admins to make the app FIPS 140-compliant. Support for FIDO2 security key sign-in to brokered Microsoft apps on Android 13 will be coming in the following months.
With these enhancements, Microsoft Authenticator continues to be a robust and reliable tool for secure authentication for enterprises around the world with Entra ID-based identity setup.