Office 365 for work: We need Office 365 for Work support a FIDO Universal Second Factor (U2F) protocol standard Security Key.
As many organisation would like to shift to Office 365 but they concern about the security standard which request Office 365 to support Universal Second Factor (U2F) protocol standard security key as Microsoft is a member of FIDO.
So, I wrote this idea to be a feedback request to Office team.
Tim Fish commented
@Kevin Dibb - FIDO U2F is better than app/sms/call as those can still all be phished. The attacker can display a page that looks like the standard login, attempt to login for you, you get the sms/call and they prompt for the code and login from their system. FIDO U2F has been specifically designed so this can't happen. Its currently only supported in Chrome so I wouldn't expect more companies to support it until browser support is better...
C'mon guys, we need FIDO support. If you don't do it soon, we'll be forced to move to Google Apps.
I would really like a simple 2FA solution such as the U2F FIDO fobs for users to log into O365.
Kevin Dibb commented
How is FIDO U2F better than the multifactor authentication that O365 already supports via the Azure Authentication App, texting, or calling? Genuinely would like to know because I use two factor auth for a lot of sites such as Logmein, Facebook, Github, TeamViewer, CloudFlare, and of course O365. So would like to learn more about how FIDO U2F is better/different.
Saqib Ali commented
Yes, FIDO U2F / UAF based Strong Auth is really needed in the Microsoft's Cloud Apps like Microsoft One Drive etc.