Microsoft's Azure AD Conditional Access Service Can Now Require Reauthentication
Microsoft has added re-authentication support in Azure AD Conditional Access. The company says that it’s one of the top-requested features from customers, who will now be able to configure policies to require authentication by end-users.
Microsoft defines sign-in frequency as the time period before a user is required to log in again when accessing a particular resource. Currently, the user sign-in frequency is set to a “rolling window of 90 days” by default for Azure Active Directory (Azure AD) customers. The new Conditional Access reauthentication policies feature enables IT Admins to change the sign-in frequency of applications that use the OAUTH 2 or OIDC protocols.
It is possible for an organization to require user authentication every time to access an app, but this setting is only appropriate for scenarios like user risk, session risk, and Microsoft Intune device enrollments. Microsoft believes that frequent sign-ins increase the risks of phishing attacks or credential theft and it should only be required for “high-risk scenarios.”
“We’ve gotten a ton of feedback from customers who want extra protection during scenarios where people may have wandered away from their desks, lent their devices to their kids, or if a device became infected with token stealing malware,” said Ricky Pullan, PM for Intelligent Access Team. “With this new capability, you can explicitly re-verify identity, device, and any other Conditional Access conditions for high-risk scenarios.”
Microsoft to add Conditional Access reauthentication policies support for more scenarios
This capability is available for several Office 365 desktop and mobile apps. Additionally, it is supported on Office.com, Exchange Online, the Teams web client, OneDrive and SharePoint, OneNote Online, Dynamics CRM Online, Azure portal, and the Microsoft 365 Admin portal.
Microsoft will continue to listen to feedback about the Conditional Access reauthentication policies while the feature is in public preview. Meanwhile, it is also planning to add support for some new reauthentication scenarios such as PIM elevations and securing VPN access in the coming months.
More in Microsoft Azure
Microsoft Integrates GPT-4 into Azure OpenAI Service
Mar 22, 2023 | Rabia Noureen
Microsoft's Azure OpenAI Service Gets New ChatGPT Integration in Preview
Mar 9, 2023 | Rabia Noureen
Microsoft's New Azure Operator Nexus Solution Now Available in Public Preview
Mar 2, 2023 | Rabia Noureen
Microsoft Introduces Fully-Managed Azure Load Testing Service for Developers
Feb 2, 2023 | Rabia Noureen
Azure Native New Relic Service Provides Full Stack Observability To Boost Digital Transformation
Jan 25, 2023 | Rabia Noureen
Microsoft Acquires Fungible to Bolster Azure Networking and Storage
Jan 10, 2023 | Rabia Noureen
Most popular on petri