Enterprise Mobility and Security Blog

RSS

Howdy folks,

As many of you know Azure MFA can be deployed in two modes, either directly inside of Azure AD in the cloud, or using our Azure MFA server, connected to on-premises ADFS and/or RADIUS servers. This second deployment option is VERY popular and over 80% of our customers deploy this way. Customers using the on premises mode have been asking us to add support for a few key features that up until now, only worked in Azure AD cloud connected model.

So today I'm happy to let you know that we've turned on support in our Azure MFA server for One Time Passwords of SMS, the #1 feature customers have asked us to add.

To tell you more about this new capability, I've asked David Howell, our Partner Group Program Manager for Identity Security and Protection to write up a guest post about this feature. David is a long-time Microsoftee who previously lead our cloud authentication team PM team. David recently took on his new role in my team driving our identity security and services PM team, an area which includes MFA and all of our cloud based security monitoring and machine learning systems. David is going to be a frequent contributor to the AD Team blog going forward as his team has a LOT of exciting capabilities currently in development.

So with that, I'll turn it over to David.

Best Regards,

Alex Simons (Twitter: @Alex_A_Simons)

Director of Program Management

Microsoft Identity and Security Services Division

——————–

Greetings everyone!

My name is David Howell. I've worked at Microsoft for many years in Online Services and in Identity, and now I am heading up an effort in our Identity Division to focus on security and protection features for Active Directory, Azure Active Directory and our Microsoft Account service. In my new role, I'm going to be blogging a lot about our security improvements in MFA, Active Directory and Azure Active Directory.

I hope you find our work here and these posts valuable!

Today I'm happy to announce the support of one-way text messaging with One Time Passwords (OTP's) in Azure Multi-Factor Authentication (MFA) server. This has been a feature ask from a lot of our customers. 

Azure MFA Server already had support for a variety of options like phone call, two-way text message, mobile app and third party OATH token. The addition of one-way text messaging and OTP's bolsters our MFA story giving customers more options for ways to secure their organization.

What is one-way text message?

One-way text message is an authentication option where users will receive a text message with an OTP. The users will then enters the OTP in the prompt window to complete MFA challenge.

Customers can use one-way text message to secure RADIUS authentication, Web Service SDK and ADFS MFA Adapter.

How do I enable one-way text message for my users?

First of all, install and configure the latest version of the MFA server. To learn more about how to get started with MFA server, check out our video here.

Once you have the MFA server configured, navigate to the Company Settings section and select the One-way option from the Text message dropdown.

I hope you'll find this functionality useful for securing your organization. And as always, we'd love to receive any feedback or suggestions you have.

Best Regards, David Howell (Twitter: @David_A_Howell)

Partner Group Program Manager

Microsoft Identity and Security Services Division