Microsoft protects cloud with directory-integrated two-factor authentication
By Mikael Ricknäs
PCWorldJun 13, 2013 5:55 am PDT
Microsoft is upping the security on Azure with Active Authentication, a new service now in preview which allows enterprises to secure access to hosted applications such as Office 365 with two-factor authentication.
Active Authentication enables two-factor authentication for users stored on the Azure-based version Active Directory, and helps secure access to Office 365, Windows Azure, Windows Intune, Dynamics CRM Online as well as other apps that are integrated with the hosted directory service.
Developers can also use the Active Authentication development kit to build two-factor authentication into their custom applications and directories.
Active Authentication works by adding an extra step to the sign in process. After an employee, partner, or customer has entered their username and password, they are required to also authenticate with the Active Authentication app on their smartphone or via an automated phone call or text message.
More advanced authentication has become a hot topic during recent months thanks to high profile security breaches, like the theft of passwords that allowed hackers to get access to the Associated Press’ Twitter account. The extra step reduces the risk of a breach, according to Microsoft.
Like many hosted services, Microsoft pitches Active Authentication as easy to set up and manage, as well as very scalable. IT staff can activate the service by adding it to their Azure Active Directory tenant and turn it on for users.
Active Authentication is based on Microsoft’s acquisition of PhoneFactor, a deal announced last October.
During the preview, the service will cost $1.00 per user and month or $1.00 for every 10 authentications. The prices represent a 50 percent discount off Microsoft’s anticipated prices when Active Authentication becomes generally available.