Jun 28 2023 06:16 AM
Jun 28 2023 06:16 AM
First of all sorry if my English is not good, I go through a translator.
Concerning Office 365, Microsoft announces very soon the end of the MFA by voice and sms (in summary: removal of the channel by telephone network operator because not secure).
Microsoft strongly recommends the use of Microsoft Authenticator, available only on smartphones.
So far I have seen that we can exclude users from the "change method" campaign. But I imagine that at some point this will no longer be possible (as was the case for the transition to modern authentication).
Problem: Legally impossible to impose the use of smartphones by our customers. However Microsoft Authenticator is not available on PC.
I have seen other solutions such as ADFS with authent by Certificate, but with our small customers it will not pass.
Currently I use this application solution with OTP code for small customers, which has the advantage of being installed on a PC unlike Microsoft Authenticator:
1 - Will this type of application (OTP challenge) continue to operate based on Microsoft's actions this summer aimed at strengthening the security of their authentication?
2 - Do we know until when we can exclude users from the "change of method" campaigns planned from July 10, 2023 ?
Thanking you in advance for your answers
Jun 28 2023 08:08 AM
Jun 30 2023 03:15 AM
First of all, thank you for your reassuring feedback.
On the other hand, if today Microsoft does not remove the MFA by SMS, we can be sure that it will happen in the medium term. This is what happened for the obligation to switch to Modern authentication.
We can see here in the post of mr Alex Weinert the firm intention of Microsoft to rule out the use of SMS:
Also this MFA method change campaign on July 10, 2023 bears witness to this.
The problem is that switching methods for a large number of users can take time. So if we had an idea of the timeframe that would help us a lot.
Does anyone have any idea when Microsoft will completely cut this method? in 6 months ? 1 year ? 2 years ?
Have a nice day and thank you in advance
Jun 30 2023 08:47 AM
Jul 05 2023 05:16 AM
Jul 10 2023 08:26 AM
Thank you all for your responses.
And sorry for the delay in my response, I was on vacation.
Thank you for your feedback, we have actually tested this type of model, I like this alternative. On the other hand, for the moment, our customers have not yet wanted it. They are afraid that users will lose them. But yeah that's a good idea.
Thank you, great news, I will test. For the moment I do not understand the difference with the authentication by voice call that Microsoft wishes to remove with the sms. But I will test and I will return here in this forum.
Aug 22 2023 09:04 AM