Microsoft continues its war against unauthorized app access. Now, the company aims to bring some major security changes to the way its Authenticator app lock works. Now, Microsoft says it is making the app more secure and easier for end-users.
Aiming to safeguard the authenticator app using a biometric or PIN, Microsoft Authenticator previously implemented its App Lock mechanism. Microsoft Authenticator enables two-factor authentication (2FA) on different apps and websites.
Microsoft Authenticator enables App lock by default
The latest update to Microsoft App Lock enhances the core functionalities of the existing Authenticator app. For instance, now that App Lock is enabled by default, users will have to authenticate themselves before retrieving 2FA code from the app. This also extends to notifications.
“Now, if App Lock is enabled, when you approve any notification, you’ll also have to provide your PIN or biometric,” Microsoft said.
Up until now, opting in for Microsoft Authenticator’s app lock feature was optional. However, this changes with the latest release of the Microsoft Authenticator app. Now, if you have set up a PIN or biometric on your device, the App Lock feature will be enabled by default.
This feature has been requested by multiple users. In fact, a community forum post from August 2019 requesting this feature reads:
“We would like to enforce the ‘app lock’ setting on the Microsoft Authenticator app to force users to either enter their device passcode or use biometric authentication before opening the app.”
This feature will come in handy when an unlocked device is compromised. Thanks to default App Lock, attacks will not be able to circumvent multi-factor authentication (MFA) security.
This feature is currently limited to Microsoft Authenticator for iOS v6.4.22 onwards. The update will come to Android next month, Microsoft has confirmed.
In March, Microsoft Authenticator released a new update to manage personal Microsoft accounts, in addition to its primary two-factor authentication method.
Meanwhile, here is how you an turn on Cloud Backup for Microsoft Authenticator on Android and iOS.
