SOLVED

Please help me understand Software Oath tokens used as Authentication Method Policy

Copper Contributor

We have people using Software Oath tokens as Authentication Method Policy. As I read Software OATH tokens are 

OATH software tokens

Software OATH tokens are typically applications such as the Microsoft Authenticator app and other authenticator apps. Microsoft Entra ID generates the secret key, or seed, that's input into the app and used to generate each OTP.

The Authenticator app automatically generates codes when set up to do push notifications so a user has a backup even if their device doesn't have connectivity. Third-party applications that use OATH TOTP to generate codes can also be used.

 

My Question is: 

Is there a way in Azure Entra ID :

  1. To filter out what kind of Authenticator App the users are using for the MFA Authentication. We want to know the source Authenticator App or Program which generated the Software OATH token
  2. Some of our users are using Google Authenticator, when asked what is the reason for not liking MS Authenticator one reason is they are using Google Authenticator in combination of 1Password. The number is very less , hardly we have 4 users or so. Considering this we want to  enforce users to use MS Authenticator mandatory instead of other programs or Authenticators.
3 Replies

@VijayGanji 

 

What is your AAD plan? May consider AAD user sign on logs

  • @Kidd_Ip ours is AAD Premium P2 . Yeah will check on Sign in logs.
best response confirmed by VijayGanji (Copper Contributor)
Solution

Currently, Azure Entra ID doesn't offer a built-in feature to filter the source of the Authenticator app used for MFA authentication. However, you could consider implementing a policy or communication campaign to encourage users to switch to Laundry Alternatives Microsoft Authenticator for better integration and security. Alternatively, you might explore custom solutions or third-party tools that provide more granular control over authentication methods.

1 best response

Accepted Solutions
best response confirmed by VijayGanji (Copper Contributor)
Solution

Currently, Azure Entra ID doesn't offer a built-in feature to filter the source of the Authenticator app used for MFA authentication. However, you could consider implementing a policy or communication campaign to encourage users to switch to Laundry Alternatives Microsoft Authenticator for better integration and security. Alternatively, you might explore custom solutions or third-party tools that provide more granular control over authentication methods.

View solution in original post