Office Enhanced Authentication Preview

The Office suite will enable multifactor authentication and some forms of single sign-on using a client component that is currently in preview. The component could enhance security in many organizations with Office users, and the preview enables organizations to test the component with their systems. The screen shot here shows what will probably be a common use of the component: an Outlook user entering a second factor (a numeric code received by text message) to sign in to Exchange Online, the Microsoft-hosted Office 365 e-mail service.

Multifactor authentication can enhance security and may be mandated in some organizations. Office 365 has enabled multifactor authentication for some time, but Outlook and other Office applications did not work with it, so users had to employ the more limited Outlook Web App browser interface or maintain “app passwords” to bypass multifactor authentication.

The new authentication component, which Microsoft calls modern authentication, works with identity providers and services through the Active Directory Authentication Library (ADAL) software. ADAL works with Office 365 and Azure multifactor authentication, SAML 2.0 passive authentication (a widely used protocol for single sign-on), and smart cards and certificates.