Microsoft today announced it has added optional multi-factor verification to Windows Azure Active Directory identities, allowing enterprises to secure employee, partner, and customer access to cloud apps. The feature is another layer of protection when accessing Office 365, Windows Azure, Windows Intune, Dynamics CRM Online, and many other tools that are integrated with Windows Azure AD.
For those who don’t know, multi-factor verification requires you to use more than one form of verification to access an account. In this case, Microsoft’s new service, codenamed Active Authentication, works by adding an extra step to the sign in process: after a user enters their username and password, they are required to also authenticate in one of three ways: using the Active Authentication app on their mobile device, via an automated phone call, or via an automated text message (SMS).
Microsoft says Active Authentication is built on the technology from authentication vendor PhoneFactor, which the company acquired in October. The service offers the following:
- Rapid Set Up: Simply add the service to your Windows Azure AD tenant and turn it on for your users, or add the service to your custom applications using just a few lines of code.
- Automated Enrollment: Windows Azure AD users enroll their own phone numbers and set authentication preferences during the standard sign in process. There are no tokens to provision and ship, so you can quickly enable the service for users around the globe.
- Scalable: The reliable, scalable service supports high-volume, mission critical applications and large-scale employee, partner, and customer deployments.
This doesn’t end at companies. Developers can also use the Active Authentication SDK to build multi-factor authentication into their custom applications and directories.
Unfortunately, all of this will cost you: pricing details are here. The only upside is that Microsoft is offering flexible billing options, letting you choose between per user, per month (pay by the number of users you enable for multi-factor authentication each month) and per authentication (pay by total number of authentications used each month). Currently the scheme seems to be $1.00 per user per month or $1.00 for every 10 authentications, but Microsoft plans to double that when it deems the service ready for general availability.
Top Image Credit: Robert Scoble