Specops Authentication for O365 receives Gold Award rating
TechGenix recently published a product review on Specops Authentication for O365, a Group Policy based multi-factor authentication (MFA) solution that secures the Office 365 login.
Nuno Mota, Microsoft Exchange MVP, tested the solution to rate it in the following areas: ease of installation, interface intuitiveness, capability depth, and documentation clarity. Based on testing results, the product received a Gold Award, and 4.6 out of 5 rating.
TechGenix noted that Specops Authentication far exceeds the Microsoft MFA options, as it doesn’t rely solely on a landline number where users can receive a phone call, or a mobile phone where they can receive SMS. Two-factor authentication that relies on phone-based verification via SMS is deemed less secure due to phishing attacks that bypass or intercept SMS.
In addition, Specops Authentication for O365’s powerful MFA engine is also utilized by Specops uReset, a self-service password reset solution. By sharing the same MFA platform, user MFA enrollments within Specops Authentication for Office 365 can be extended to secure password resets. Microsoft’s Azure MFA enrollments do not carry over to Azure self-service password reset, as such organizations would need to require users to enroll again. Additionally, the MFA options are different across the two capabilities, for example Azure MFA does not support security questions, or email verification.
Nuno Mota sums the above up by stating, “I have been involved in several projects where the business wanted to offer users other options, like receiving a code by email (instead of SMS) like many other products do, or answering one or more secret questions, for example. Microsoft already provides these options with its Azure self-service password reset feature, so why not offer these with MFA?”
Specops Authentication provides dynamic MFA. With over 15 different forms of authentication to choose from, administrators can configure secure MFA policies to secure the vulnerable O365 login. By requiring users to enroll with more options than required to authenticate to O365, user disruption created by reliance on a single point of failure such as mobile phone, is minimized.
(Last updated on December 4, 2020)