Multi Factor Authentication in Office 365 vs Azure

Body:

mfa_01

On February 10th Microsoft announced the general availability of Multi-Factor Authentication for Office 365.

Multi-Factor Authentication for Office 365, powered by Windows Azure Multi-Factor Authentication, works exclusively with Office 365 applications at no additional cost and is managed  from the Office 365 portal.

Multi-Factor Authentication for Office 365 offers a subset of Windows Azure Multi-Factor Authentication capabilities as shown in the following table:

Multi-Factor Authentication for Office 365 Windows Azure Multi-Factor Authentication
Administrators can Enable/Enforce MFA to end-users

Yes

Yes

Use Mobile app (online and OTP) as second authentication factor

Yes

Yes

Use Phone call as second authentication factor

Yes

Yes

Use SMS as second authentication factor

Yes

Yes

Application passwords for non-browser clients (e.g. Outlook, Lync)

Yes

Yes

Default Microsoft greetings during authentication phone calls

Yes

Yes

Custom greetings during authentication phone calls

Yes

Fraud alert

Yes

MFA SDK

Yes

Security Reports

Yes

MFA for on-premises applications/ MFA Server.

Yes

One-Time Bypass

Yes

Block/Unblock Users

Yes

Customizable caller ID for authentication phone calls

Yes

Event Confirmation

Yes

 

To enable Multi-Factor Authentication for other applications, customers can purchase the Windows Azure Multi-Factor Authentication service, which offers a richest set of capabilities, additional configuration options via the Windows Azure portal, advanced reporting, and support for a range of on-premises and cloud applications. Office 365 customers that want the additional functionality can also purchase Windows Azure Multi-factor Authentication.

Multi-Factor Authentication for Windows Azure administrators

The same subset of Multi-Factor Authentication capabilities for Office 365 will be available at no cost to all Windows Azure administrators. Every administrative account of a Windows Azure subscription can now get additional protection by enabling this core multi-factor authentication functionality via Windows Azure Active Directory service. An administrator that wants to access Windows Azure portal to create a VM, deploy a web site, manage storage, use mobile services or any other Windows Azure Service can add multi-factor authentication to his administrator account.

Multi-factor Authentication various scenarios

Office 365 with Federated Id – ADFS

Office 365 with no Federation – Windows Azure AD only

SaaS application via Access Panel

On-premises Apps

Custom Apps – SDK

MFA functionality available

Yes

Yes

Yes

Yes

Yes

Minimum Version of MFA required

MFA for Office 365

MFA for Office 365

Windows Azure MFA

Windows Azure MFA

Windows Azure MFA

MFA available for Web client

Yes

Yes

Depends on Application

Depends on Application

Depends on Application

MFA available for Rich client

Yes (Application password)

Yes (Application password)

N/A

N/A

N/A

Category: Ideas; News; Servers
Published: 3/3/2014 20:48
]]>