One-Time Passcode for Office 365 Message Encryption

Tim Tetrick

I wanted to highlight a new feature that just recently launched that enhances the capabilities of Office 365 Message Encryption.  As you may recall, Office 365 Message Encryption released this past February, and replaced the functionality previously known as EHE (Exchange Hosted Encryption).

Essentially, Office 365 Message Encryption enables users to send encrypted emails to anyone at any email address.  It utilizes server-side policy rules created by the administrator to determine what emails get encrypted, so there is no need for additional software/hardware.

In the past, the only way for a recipient to view the encrypted message was by using a Microsoft Account (previously referred to as a Live ID).  However, with this recent enhancement to the service, known as One-Time Passcode for Office 365 Message Encryption, recipients now have the option of utilizing a one-time passcode to view the encrypted message without having to sign in with a Microsoft Account.

Here’s how it works…

If the recipient receives the encrypted message at an email address that is a Microsoft Account (or linked as a Microsoft Account), then they will have the option to either sign in or to use a one-time passcode.

If the recipient receives the encrypted message at an email address that is not a Microsoft Account (or linked as a Microsoft Account), then they will have the option to either create a Microsoft Account or use a one-time passcode.

If the recipient chooses the one-time passcode option, the service will send a passcode in an email to their inbox.

At this point the recipient can enter the passcode on the Office 365 Message Encryption Portal page.

Once the passcode is entered correctly, the recipient will be able to view the contents of the encrypted email in plain text.

I am excited about this new functionality because I have heard concerns from partners and customers in the past about the requirement to have a Microsoft Account in order to view the encrypted message.  This new functionality removes that concern. 

As a reminder, O365 Message Encryption comes with the E3 and E4 plans and can also be added on to other plans via the Azure Rights Management add-on.

For more information on how to use this new feature, see Use a one-time passcode to view an encrypted message.

Thanks!