Microsoft Authenticator now supports U.S. federal agencies thanks to FIPS 140 compliance

The Microsoft Authenticator app is the Redmond tech giant's recommended authentication solution for customers utilizing passwordless sign-in or multi-factor authentication. The app was first released on Windows 10 Mobile (RIP) way back in 2016 and has since gone through tons of iterations to bring the latest improvements and enhancements across modern platforms. While the app is good enough for enterprise users and customers, one thing it was missing was support for U.S. federal agencies, until today.

Microsoft has announced that the Microsoft Authenticator app has achieved Federal Information Processing Standards (FIPS 140) compliance. This indicates that the app can now leverage cryptography techniques vetted by federal agencies. This is a major milestone because it means that the app can now officially be utilized by U.S. federal agencies.

It is important to note that only the iOS app for Authenticator on version 6.68 and higher is FIPS 140-compliant by default for Azure Active Directory (AAD) authentications, no IT admin configuration is required. It is applicable to customers leveraging push multifactor authentications (MFA), Passwordless Phone Sign-In (PSI), and time-based one-time passcodes (TOTP). Android support is planned for a later, currently unknown date.

Microsoft has noted that it achieved FIPS 140 compliance through Apple's native cryptography module on iOS, namely CryptoCore. We'll likely hear more about the implementation details for Android once that platform becomes compliant too.

Report a problem with article
Suicide Squad Batman
Next Article

Suicide Squad: Kill the Justice League features an evil Batman voiced by Kevin Conroy

Star Wars jedi Survivor teaser image featuring Cal and BD-1
Previous Article

Star Wars Jedi: Survivor gameplay has dual Lightsabers and fresh Force abilities

Join the conversation!

Login or Sign Up to read and post a comment.

2 Comments - Add comment

Advertisement