Microsoft has integrated Authenticator Lite, a subset of the full Microsoft Authenticator app, into Outlook for iOS and Android. The code allows users to respond to MFA challenges using number matching or one-time codes without leaving Outlook and is intended to help organizations deploy and manage MFA with less friction. Although you can’t use Authenticator Lite if the Authenticator app is present on the same device, integrating MFA capabilities direct into apps sounds like a great idea.
Getting a new device means that some work must be done to ensure that apps work. This article explains how to add QR codes to the Microsoft Authenticator app so that the app has the credentials to respond to MFA challenges. We cover how to get QR codes for Azure AD accounts and how to do the same for guest accounts in other Microsoft 365 tenants.
A new setting for Azure AD conditional access policies allows organizations to dictate the authentication strength of accepted connections. This is part of a Microsoft effort to move MFA-enabled Azure AD accounts away from the relatively insecure SMS-based challenges to methods that are less susceptible to attack.