Microsoft pushes authentication news involving Entra, Android

Microsoft says its Authenticator app supports phishing-resistant passkeys. In the same breath, By next summer, according to Microsoft, users of Entra IDs will be able to enroll and sign in with device-bound passkeys in the company’s Authenticator app, putting phishing-resistant credentials in the app.
As well, the company announced that Authenticator for Android complies with the U.S. government’s FIPS-140. Authenticator for iOS has been FIPS-140 compliant for a year.
Microsoft has news for iOS, too, however. The company has added FIDO2 support for Apple mobile and MacOS apps.
Technically, Authenticator for Android is compliant starting with version 6.2310.7174 for Entra authentications that use phishing-resistant device-bound passkeys, push multifactor authentications, passwordless Phone Sign-In and time-based one-time passcodes.
Last, Microsoft says it has updated its cloud-based certificate-based authentication. Security managers can now choose certificate strengths for individual users. They also can combine CBA with multiple methods of multifactor authentication and set strong binding either for an entire tenant or by user group.
Article Topics
Android | biometric authentication | biometrics | Microsoft | Microsoft Entra
Comments