updated 09:00 pm EDT, Fri October 5, 2012
Multi-factor authentication to be added to Office 365
Microsoft stands to improve its security systems with a new purchase of a company. A blog post confirmed the deal with PhoneFactor, a provider of phone-based multi-factor authentication (MFA) systems, which Microsoft will offer to its development partners and customers in the future.
Typically, MFA systems are based upon the concept of the user having something they know, aka a password, and something physically possessed, such as a smartphone or code-generating device. Websites run by companies such as Google, Banks, and Blizzard, use smartphone apps that sync with a server and generate a predictable unique code every 30 seconds, which site users are required to type in at the same time as their password, and although provides a far higher level of account security, it does require significant knowledge to be able to construct such a system from scratch.
Microsoft plans to integrate PhoneFactor's systems into key technologies that may benefit. Active Directory, Windows Azure Active Directory, and Office 365 will receive the extra authentication, and it may move on to other Microsoft products where security is an issue, like Xbox Live, in the future.