Microsoft introduces multifactor authentication for all Office 365 users
Posted on 11 February 2014.
In a praiseworthy move, Microsoft has extended the multifactor authentication option to all users of Office 365, its popular subscription-based online office software suite.

"Today were adding Multi-Factor Authentication for Office 365 to Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online," announced Paul Andrew, technical product manager for Office 365.

"With Multi-Factor Authentication for Office 365, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this second authentication factor has been satisfied can a user sign in," he explained.

Office 365 administrators can force their users to use multi-factor authentication very easily. Once they are enrolled, they will be required to configure their second factor of authentication at their next login.

Microsoft also also intends to introduce App Passwords for Office desktop applications, to additionally protect Office client (desktop) applications with a 16-character randomly generated password.

"Were planning to add native multi-factor authentication for applications such as Outlook, Lync, Word, Excel, PowerPoint, PowerShell, and OneDrive for Business, with a release date planned for later in 2014," he also added.

"This update includes the current phone-based multi-factor authentication, and it adds capability to integrate other forms of authentication such as: third-party multi-factor authentication solutions and smart cards. Smart card support is planned to include the U.S. Department of Defense (DoD) Common Access Card (CAC) and the U.S. Federal Personal Identity Verification card (PIV), among others."


Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Sep 30th