Enable Flash SMS for MFA/Multi Factor Authentication
I'd like the possibility to use Flash SMS (http://en.wikipedia.org/wiki/Short_Message_Service#Flash_SMS) when sending one-way OTPs using Azure MFA / Multi-Factor Authentication.
Anonymous
shared this idea
This is not currently planned for development. Microsoft encourages the use of push notifications to the authenticator app, which have similar usability to Flash SMS.
5 comments
-
Anonymous
commented
I wouldn't recommend sms. It's essy to hack. Case in point when Reddit users using SMS as their "MFA" was hacked. By definition of NIST SP800-63B, it is considered Authenticator Assurance Level (AAL) 1, which is not MFA. It is Single Factor Authentication. AAL2 is required to be classified as MFA. Dependent on the data being protected, the AAL1 may be sufficient. Otherwise you need a more secure solution for the use case.
-
Anonymous
commented
Very much needed and a hard requirement for many customers. YES, YES, YES
-
Stefan Schörling
commented
Very much needed and a hard requirement for many customers.
-
Thomas
commented
Hi. Flash SMS is one of the most user friendly MFA methods. Will this be a feature in the nearest future?
-
Peter Selch Dahl
commented
If I had any more votes, this request would get 3 votes :)