Microsoft Adds Time-Based One-Time Passcode Support to Azure AD
Microsoft has released time-based one-time passcode (TOTP) support for Azure Active Directory (Azure AD) customers. The new security feature allows end users to validate their identity with temporary one-time passcodes generated by an authenticator app.
Time-based password (TOTP) is one of the most popular multi-factor authentication (MFA) methods. It’s a temporary numeric passcode created by a standardized algorithm that uses the current time of the day as an input. Users are required to enter the passcode within a specific time (30 to 90 seconds) before it expires. It can help to prevent hackers from gaining access to sensitive data in enterprise environments.
“Integrating a time-based OTP with an authenticator app as a second factor in B2C scenarios user flows enables a higher level of security compared to existing email and phone factors,” Microsoft explained. “This can help users by eliminating the need for users to wait for codes to arrive in email or text messaging apps. The short lifespan of OTP codes also makes them very hard for attackers to intercept.”
Time-based OTP supports all popular authenticator apps
Once the TOTP-based MFA is enabled, users will need to install an authenticator app on their devices. They can use the app to scan the QR code or enter it manually while signing up or logging in for the first time. However, users will be required to enter a TOTP code that appears on the authenticator app during subsequent sign-in attempts.
Microsoft notes that the security feature works with any authenticator app that supports time-based one-time password verification. However, the company recommends customers to use Microsoft Authenticator for generating TOTP codes.
Microsoft has also published a detailed guide to help IT admins configure time-based OTP for Azure AD user accounts. Let us know in the comments below if you think that the new feature can help to prevent security breaches in your organization.
More in Azure Active Directory
Microsoft to Add IPv6 Support to Azure Active Directory in March
Jan 12, 2023 | Rabia Noureen
How to Create Conditional Access Policies using PowerShell
Jan 4, 2023 | Liam Cleary
Microsoft Releases Azure AD Authentication Support for Windows Admin Center in Azure
Dec 1, 2022 | Rabia Noureen
Microsoft Releases Azure AD Certificate-Based Authentication Support on iOS and Android
Nov 2, 2022 | Rabia Noureen
Azure AD Conditional Access Policies Get Support for App Filters
Nov 1, 2022 | Rabia Noureen
Budget for Operational Resilience in 2023
Oct 20, 2022 | Russell Smith
Most popular on petri