Microsoft will soon accelerate the adoption of multi-factor authentication (MFA) for its Microsoft 365 cloud productivity platform by adding MFA capabilities to the Outlook email client.

The company says in a new Microsoft 365 roadmap entry that users will be able to complete MFA requests for Microsoft 365 apps directly in the Outlook app through a new feature called Authenticator Lite.

With Authenticator Lite, users will be able to sign in to their work or school account through Outlook with an added layer of security.

The feature will be available in the Outlook mobile apps for iOS and Android devices, and users will likely need to enter a passcode or approve a notification after entering their password.

“Authenticator Lite (in Outlook) is a feature that allows your users to perform multi-factor authentication (MFA) for their work or school account using the Outlook app on their iOS or Android device”, Microsoft explain.

At present, Microsoft 365 MFA applications can be completed using verification codes obtained through an authenticator app (Microsoft Authenticator app or third-party authentication apps), a security key, a phonecallOr text messaging.

Once the new features of Authenticator Lite are rolled out to Outlook users worldwide (until the end of the month, Microsoft estimates), they will also be able to make authentication requests in Outlook.

Leverage Outlook’s user base

Microsoft’s move could boost MFA adoption among Microsoft 365 users, as Outlook has a much larger user base than Microsoft’s Authenticator app.

The Outlook application has more 500 million downloads on Android and 5.5 million reviews on iOS, while the Authenticator app has 50 million downloads on Android and 233,100 reviews on iOS.

Once rolled out, the new Authenticator Lite feature will enable hundreds of millions more Microsoft 365 customers to enable and use MFA to secure their accounts.

Integrating MFA authentication directly into Outlook mobile apps will make it easier for users to authenticate their sessions without switching between multiple apps.

Microsoft Identity Security Director Alex Weinert said For several years, MFA has reduced the risk of account compromise by more than 99.9%, regardless of the password.

Weinert added MFA makes it harder and more expensive for attackers to break into accounts. He cited a study that showed less than 0.1% of accounts using MFA were compromised.

As part of the same push to drive MFA adoption, Microsoft-owned GitHub announcement that two-factor authentication (2FA) will be mandatory for all active developers starting today.