Authenticator for Multifactor Sign-In

The Microsoft Authenticator mobile application asks users to confirm that they are attempting to log in to Office 365 or other services using Azure Active Directory and multifactor authentication (MFA). As shown here, the application, formerly called Azure Authenticator, allows users to respond to push-based app notifications and approve or deny a sign-in request when it occurs (shown on the right, after a user has pressed the notification shown in the center image). The notification-based feature offers a model for MFA that users are likely to find particularly usable, although the app also allows users to validate sign-in requests by typing in traditional time-based codes or codes transmitted to the application.

The application could help administrators begin adding an increased level of security to their own accounts as well as user accounts used for Office 365, AAD Premium, and services that interoperate with them. Users or administrators will need to configure user accounts to enable MFA and configure the application from within Office 365 or AAD, and users may need some training to familiarize them with the applications.