* Posts by dispensa

3 posts • joined 11 Feb 2014

Microsoft gets with the times, builds two-factor authentication into Office 365


Re: Does it need to be 'always on' 2FA ?

We have heard the request loudly for an option to bypass 2FA from a corporate PC at the office.

For what it's worth, the on-premises MFA Server software supports this today if you use Office 365 in federated authentication mode to ADFS. This scenario is supported most easily in ADFS v3 (available in Windows Server 2012 R2), but is also possible with older versions of ADFS depending on your deployment.


Re: 2FO

If you want to use just the mobile app (Windows Phone/Android/iOS) and have it generate an OATH code every 60 seconds, that should be about the same experience. The out-of-band options are more secure, and are available in the same apps, if you have your device connected to data (wi-fi or cellular).


Re: It is good that they are adding the feature ....

You can also use iPad or iPod Touch devices or Windows Phone or Android devices without contracts (or without service) if you want to. Wi-fi is all that's needed for the out-of-band push notifications, and the OATH code generation works with no network at all once it's been activated.


Biting the hand that feeds IT © 1998–2020