Microsoft goes password-free for Azure AD sign-in

Enterprise customers using Microsoft’s Azure Active Directory (AD) ID management service can now use the Microsoft Authenticator app to login instead of passwords. 

Microsoft announced the new Authenticator-based password-free support for Azure AD at its annual Ignite conference, which is being held this week in Orlando, Florida. 

Authenticator support means enterprise customers with line-of-business apps that users connect to through Azure AD can now use fingerprint, face, or PIN to sign-in from a phone. 

Microsoft products that use Azure AD for sign-in include Office 365, Azure, and Dynamics CRM Online. 

Authenticator support should make it easier for enterprise customers to eliminate passwords, and with it, the problem of users picking weak passwords or reusing them across services.

Azure ExpressRoute Global Reach has also reached general availability as of this week, allowing customers to connect to on-premise networks through Microsoft’s network. 

Meanwhile, it’s launching a preview of Virtual WAN support in Express Route to enable VPN, SDWAN and ExpressRoute connections through Microsoft’s network. 

Microsoft has also launched what it calls Azure "confidential computing", which uses chip-level encryption to protect data on shared public cloud hardware.  The so-called trusted execution environments (TEEs) rely on Intel’s SGX or Software Guard Extension (SGX) technology.  

Azure customers can deploy virtual machine instances that use Intel Xeon chips with its SGX protections, which in theory should protect data even from Microsoft employees with physical access to hardware where information is stored. 

To this end, Microsoft is also planning to open source a software development kit that provides APIs for Intel SGX and Arm-based chips that support the latter’s TrustZone technology. 

Microsoft is also promising that its Security Center’s machine learning smarts will be able to detect malware on Linux, Azure Storage, and Azure Postgress SQL thanks to a new integration with its Windows Defender Advanced Threat Protection service. 

 

Tags MicrosoftazureActive Directorytwo-factor authentication

Show Comments