Microsoft Quietly Improved Authenticator Security to Thwart MFA Fatigue Attacks

Microsoft today reported that it finished rolling out a new feature for its Authenticator app in September, improving its security.

Thurrott.com
@thurrott Great article. Speaking of authentication, doesn't Apple Passkey have better replay resistance? Any word on when we are going to get Azure AD support for Apple Passkeys?
@xylogx No idea, sorry.

@thurrott My understanding is that MS plans to release ‘device-bound’ passkey support in Azure AD in public preview in January 2024:

https://passkeys.dev/docs/reference/terms/#device-bound-passkey

https://learn.microsoft.com/en-us/entra/fundamentals/whats-new#public-preview---device-bound-passkeys-as-an-authentication-method

Passkeys should be easier for enterprises to adopt and are full FIDO strength. The thing I don't understand is why MS does not make Authenticator a FIDO-strength credential like they did for WHFB.
