Microsoft created an App Lock feature in response to feedback from people who wanted to make sure a PIN or biometric (Code, Fingerprint, Face Recognition, etc.) secured the app. In July 2020, Microsoft expanded App Lock’s protection. If App Lock is enabled, when you approve any notification, you’ll also have to provide your PIN or biometric. With the latest release of the app, as part of Microsoft’s effort to make the sign-in experience even more secure, App Lock is enabled by default if you’ve set up a PIN or biometric on your device.

Upon opening the Authenticator app you may get a pop-up message that App lock has been enabled. As noted in the pop-up message, the default configuration can be changed in the app settings by doing the following:

  • Open the Microsoft Authenticator App.
  • Tap the 3 parallel bars in the top left of the App to open the drop-down menu.
  • Tap Settings.
  • Scroll down on the settings page to the security section.
  • Tap the On/Off switch in the Security section for App Lock to deactivate the new “Default”.

Deactivating the App Lock setting will stop the requirement for use of a PIN or biometric when the Approve Sign-in prompt of [Deny|Approve] is sent.