Windows Azure Active Authentication Preview Released
Microsoft on Wednesday rolled out a preview of its cloud-based multifactor authentication service that it had showcased at TechEd.
"Active Authentication" is the code name for this Windows Azure-enabled technology that enforces secondary identification checks. With the service turned on, users who attempt to access an organization's files and applications via a user name and password will get prompted to confirm their identities via a secondary means. The secondary authentication method is either an automated phone call sent to their devices or a text message. The service is based on technology that Microsoft acquired when it bought PhoneFactor in October.
In addition to the voice and SMS text methods of verification, Microsoft offers a free Active Authentication app for the authentication process. The app works by sending a push notification to the user after log-in, prompting the secondary authentication. The Active Authentication app works with Android and iOS smartphones and tablets, as well as with Windows Phone devices.
Users of the Active Authentication service can choose which type of secondary authentication they get, according to Alex Simons, director of program management for Active Directory, in a blog post. IT pros can use the Windows Azure Portal to set up the service and specify the billing (either "per enabled user" or "per authentication"). They also can turn on the authentication service for specific users.
The service enables multifactor authentication across various Microsoft services, including Windows Azure, Office 365, Dynamics CRM Online and Windows Intune. Back when Microsoft announced the acquisition of PhoneFactor, it was already using the technology for Active Directory, Internet Information Services and Outlook Web Access, with integration plans for the entire Microsoft product line. The authentication service doesn't currently work with rich clients, such as Microsoft Outlook, which Microsoft explained back in March.
Windows Azure Active Directory is typically a free service for those using Microsoft's online products such as Office 365. However, Microsoft is charging for the Active Authentication service. Microsoft's pricing page for Active Authentication lists the billing details, but not the prices. The cost of using the Active Authentication preview in a non-test environment is $1 per user per month or $1 per every 10 authentications, according to Sarah Fender, director for Windows Azure, in a blog post. But those prices are half of what Microsoft plans to charge when the service reaches the "general availability" release stage, she indicated.
Microsoft doesn't offer service level agreements with Active Authentication. Technical support costs extra, starting at $29 per month. However, there is a no-cost forum topic page.
Microsoft didn't specify when the product would be generally released. In the meantime, there's a free trial.
Kurt Mackie is online news editor for the 1105 Enterprise Computing Group.