Microsoft released the public preview of Authenticator Lite for its Outlook mobile apps back in March 2023. The company has announced that the feature is now generally available on Android and iOS devices.
Microsoft’s Authenticator Lite feature allows users to approve multifactor authentication requests for work or school accounts directly in the Outlook mobile app. Users will receive push notifications with time-based one-time passwords (TOTP) via the Authenticator Lite app.
Additionally, Authenticator Lite prompts end users to enter a number displayed on the screen
to block multifactor authentication (MFA) fatigue attacks. It’s a social engineering technique that involves bombarding a target victim with MFA push notifications. The Authenticator Lite feature aims to enhance security for users who have not already installed the Microsoft Authenticator app.
“We strongly recommend moving your users off phone transports for authentication and towards more secure methods such as push notifications. Authenticator Lite (in Outlook) expands the opportunity to convert users by bringing the enhanced security of push notifications to devices that have not yet downloaded the Microsoft Authenticator App,” Microsoft explained.
Microsoft notes that IT admins can configure and manage Authenticator Lite capabilities in the Microsoft Entra portal and via MS Graph. However, the company plans to enable the Microsoft-managed setting for all organizations next month. It will let Azure Active Directory choose to turn on or off certain features for customers.
“Until June 9, leaving the feature set to ‘Microsoft managed’ will have no impact on your users and the feature will remain turned off unless you explicitly change the state to enabled. Due to the security enhancement this feature provides users, the Microsoft managed value of this feature will be changed from ‘disabled’ to ‘enabled’ on June 9,” Microsoft added.
Currently, Authenticator Lite is only supported in the Outlook mobile app, and it’s not yet available for desktop users. If you’re interested, you can find more details about how to enable the feature on this support page.