Fraud & Identity Featured Article

Establish Identity Faster with Microsoft Authenticator

By Steve Anderson Contributing Writer

The era of the username / password authentication system as a means of establishing user identity seems to be going downhill. Bristling with failures and examples of how this system can barely keep out a sufficiently determined computer program, the notion is being thrown over in favor of systems like biometrics and two-factor authentication. Recently, Microsoft (News - Alert) brought out its new Microsoft Authenticator, a system that makes two-factor authentication easier to use by shrinking it down to one factor.

With Microsoft Authenticator, establishing identity is a little simpler than the ordinary. Any service that offers access to a one-time password works well here, reports note, and all users need to do is provide the service in question with a Microsoft Account email address. After that, users wanting to log into a service can get in by just approving an authentication attempt routed to the user's smartphone.  A similar system has been available for some time, though it still required users to use a final password to get in. This process simply reduces a login attempt to the phone connection to establish identity.

Microsoft Authenticator can be found on all the major platforms, including iOS and Android (News - Alert) along with Windows 10. Oddly, though, iOS and Android have the new feature that allows the factor trimming, but Microsoft's own version does not. Oddly, Microsoft's reason behind this was low usage, which brings to mind a bizarre problem of low app usage leading to weak app support and weak app support leading to declining usage, a vicious circle Microsoft doesn't seem to be making much progress on stopping.

That's not exactly a ringing endorsement; when Microsoft won't build a new feature into its own app because no one is using it, but will build it into other versions, that's almost like admitting that the whole mobile front for Microsoft isn't going well at all. We knew that somewhat, admittedly—Microsoft came late to the whole mobile party and it hasn't been doing well finding a foothold amid a highly-entrenched marketplace.

Still, there's no doubt Microsoft's offering a noteworthy system here. It's not immediately clear just how useful it will be as more mobile devices start accepting fingerprint scans; having to remember any level of password isn't nearly as easy as “stick your thumb on this port here.” Microsoft's making progress on protecting identity, though, and that's worth noting even if it doesn't go as far as it might.