Microsoft has started rolling out a new Authenticator Lite feature in preview for its Outlook mobile app. The company announced on the Microsoft 365 admin center that it allows users to sign into their work or school accounts where MFA is enabled via the Outlook app on iOS and Android devices.
Multifactor authentication (MFA) is a security feature that allows customers to use multiple forms of authentication (such as a PIN or one-time code) to access a service. It adds an extra layer of security and makes it difficult for unauthorized users to access sensitive data.
The Microsoft Authenticator app already allows users to verify their sign-in for Microsoft 365 apps on mobile devices. The app generates a unique 6-digit code that can be used to approve authentication requests for Microsoft accounts and third-party services.
Microsoft explained that Authenticator Lite is designed to boost security for users who have not installed the Microsoft Authenticator app on their mobile devices. The feature lets users get code directly within the Outlook app on both Android and iOS. For now, it only supports push notifications with number matching and one-time codes.
“Microsoft Authenticator Lite is another surface for Azure Active Directory (Azure AD) users to complete multifactor authentication by using push notifications or time-based one-time passcodes (TOTP) on their Android or iOS device. With Authenticator Lite, users can satisfy a multifactor authentication requirement from the convenience of a familiar app,” Microsoft explained.
Microsoft notes that the Authenticator Lite is available in public preview for select Outlook users. This means IT admins can use the Authentication Methods policy in Azure Active Directory to enable the feature for end users in their tenant. Microsoft expects to make the feature generally available in late April.
Microsoft has announced that it will enable Authenticator Lite by default for all enterprise customers on May 26th. However, IT admins will have the option to disable the feature or include/exclude users or groups before that date.