How can we improve Azure Active Directory?

← Azure Active Directory

Enable Flash SMS for MFA/Multi Factor Authentication

I'd like the possibility to use Flash SMS (http://en.wikipedia.org/wiki/ShortMessageService#Flash_SMS) when sending one-way OTPs using Azure MFA / Multi-Factor Authentication.

30 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

5 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    I wouldn't recommend sms. It's essy to hack. Case in point when Reddit users using SMS as their "MFA" was hacked. By definition of NIST SP800-63B, it is considered Authenticator Assurance Level (AAL) 1, which is not MFA. It is Single Factor Authentication. AAL2 is required to be classified as MFA. Dependent on the data being protected, the AAL1 may be sufficient. Otherwise you need a more secure solution for the use case.

  • Thomas commented  ·   ·  Flag as inappropriate

    Hi. Flash SMS is one of the most user friendly MFA methods. Will this be a feature in the nearest future?

Azure Active Directory: Multi-factor Authentication

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice