Proactive Multi-Factor Authentication
In December, we asked you to provide feedback on our proposal to introduce mandatory authentication for Azure single sign-on.
The feedback period closed on 21 January 2022. A summary of the feedback received is set out below:
- There were concerns raised about being able to validate a user account by answering a call to a personal cell phone. The validation step will only be required the first time that the user logs into their account, or anytime that they need to reset their password. This is not a daily occurrence (unless the user has assure website access).
- There were requests to be able to validate the user’s account by email rather than a call to a DDI or cell phone. Unfortunately, email validation is not an option for authentication.
- Several RSP’s asked if we could integrate alternate or third-party authenticators to Single Sign-On. Our preference is to use the standard Microsoft authenticator.
Based on the feedback received, and the responses we have provided, we can confirm that we will be turning on proactive authentication. We will be introducing mandatory authentication to new users and any existing users from 16 May 2022.
We encourage all existing users who have not yet completed their Multi-factor Authentication (MFA) step to do so before it becomes mandatory. We can provide a list of users who need to do this. Your Service Delivery Manager can send this to you, or you can email for further details.
Steps to complete the MFA can be found here.
Contact
Please get in touch if you have any questions.