Integrating Microsoft Authenticator with Secret Server

The integration between Secret Server and Microsoft Authenticator enhances the security of accessing privileged accounts and sensitive information by enabling multifactor authentication (MFA) using the Microsoft Authenticator mobile application.

Microsoft Authenticator is a mobile application that provides MFA capabilities for Microsoft accounts and various other supported services. It allows users to verify their identities through push notifications, time-based one-time passwords (TOTP), or biometric authentication on their mobile devices.

Integration Keynotes:

  • MFA Enrollment and Configuration: Users can enroll their Secret Server accounts in Microsoft Authenticator by configuring it as an MFA method. This typically involves installing the Microsoft Authenticator app on their mobile devices and linking it to their Secret Server accounts.

  • Accessing Privileged Accounts: When a user attempts to access a privileged account stored in Secret Server, Secret Server prompts MFA verification through the Microsoft Authenticator app.

  • MFA Challenge: The user receives a push notification or generates a time-based one-time password (TOTP) using Microsoft Authenticator. They provide this additional authentication factor to Secret Server to complete the login process.

  • Enhanced Security: By leveraging MFA with Microsoft Authenticator, Secret Server adds an extra layer of protection to privileged account access. Even if a user's password is compromised, unauthorized access is prevented unless the MFA challenge is completed.

  • Multi-factor Options: Microsoft Authenticator provides multiple MFA options, including push notifications, time-based one-time passwords, and biometric authentication (such as fingerprint or facial recognition), allowing users to choose their preferred authentication method.

  • Mobile Device Protection: Microsoft Authenticator utilizes the security features of the user's mobile device, such as device encryption and biometric authentication, to ensure the security of MFA credentials.

  • Auditing and Compliance: The integration with Microsoft Authenticator allows organizations to capture and log MFA events and privileged account access in Secret Server, providing an additional layer of auditing and compliance visibility.

To learn more about this integration, click here.