With the rise of cyberattacks and data breaches, businesses and individuals are increasingly turning to multi-factor authentication (MFA) to secure their accounts. MFA is a security mechanism that requires users to provide two or more forms of authentication to access an account. One such form of MFA is the use of time-based one-time passwords (TOTP), which provide a unique code that expires after a short period and is generated by an app or device. Microsoft’s Authenticator app is one such app that provides TOTP and other MFA methods. However, not all users have the app installed, and it may not always be feasible to do so. That’s where Outlook’s Authenticator Lite feature comes in.
What is Authenticator Lite?
Authenticator Lite is a feature in Outlook that allows users to complete multi-factor authentication for their work or school account using their iOS or Android device. It provides users who haven’t downloaded the Microsoft Authenticator app with the ability to approve authentication requests and receive TOTP codes in Outlook. This feature brings the security of Authenticator to a convenient location and is especially useful for users who still use telecom transports for authentication.
When Will Authenticator Lite Be Available?
Rollout of this feature in Outlook began in March 2023, starting with public preview. The feature controls are available via MS Graph. It will move to general availability in late April 2023. On May 26th, this feature will be enabled for all users by default unless admins have taken action to disable or enable it before then. Any settings configured before May 26th will not be changed.
How to Enable Authenticator Lite
Admins can enable this feature by leveraging the Authentication Methods policy in Azure Active Directory. Starting mid-March, users can choose to enable this preview for their users from Azure Active Directory. It’s highly recommended to enable users who haven’t yet downloaded the Microsoft Authenticator app (or another strong authentication method) during the public preview.
If the feature is still set to ‘Microsoft managed’ on May 26th, the tenant will be eligible for feature enabling by Microsoft. To prevent automatic enabling, the state should be moved to ‘disabled’ or set user include and exclude groups before the date.
Why Use Authenticator Lite?
While it’s recommended to download the Authenticator app for the most up-to-date security features, Authenticator Lite is an excellent alternative for those who haven’t done so or can’t do so. It provides an additional layer of security to their account, and users can approve authentication requests and receive TOTP codes in Outlook, saving them time and hassle. It’s especially useful for those who still use telecom transports for authentication, as it adds a security enhancement to their existing authentication methods.
Conclusion
Multi-factor authentication is an essential tool in today’s cybersecurity landscape. With Authenticator Lite, Outlook brings the security of Authenticator to a convenient location for users who haven’t downloaded the app. It’s an excellent alternative for those who still use telecom transports for authentication, providing an additional layer of security to their account. Admins can enable this feature by leveraging the Authentication Methods policy in Azure Active Directory, and users can choose to enable this preview from mid-March. With the feature rolling out in public preview in March and moving to general availability in April, now is the perfect time to explore Authenticator Lite and provide additional security to your accounts.