Aegis Authenticator is the best 🏆
Unfortunately, Microsoft will often force their own 2FA app when logging in to 365.
Not true, I’ve always used Authy.
No they don’t. That’s a configuration setting.
Best one out there
Thank you, how about for iOS users?
Just switch to Android/AOSP lolI’ve heard good things about Raivo Authenticator for Apple devices, although I’ve never used it myself.
This is specifically an issue with corporate M365 accounts when a user tries to migrate to a new phone without access to the old phone where the authenticator was setup.
Personal MS accounts can backup their auth secret keys to cloud storage, and when signing in on a new device, it authenticates you with your cloud storage (Google/Apple) and properly restores your MS Authenticator app.
The issue is that while MS says you can backup your corporate M365 accounts in MS Authenticator, it doesnt actually store the secret key, so it’s useless.
Have your administrator enable TAP (Temporary Access Passwords) on the tenant. Then an M365 admin can create a TAP for your account that lets you login without a password/2FA. You can use the TAP to login and rejoin MS Authenticator app. The TAP expires in 1 hour by default.
I’m in this particular loop at work where I don’t want and don’t really need an account, so I’m going to pretend I didn’t see this and if you could ensure that IT doesn’t see this, that’d be great, thanks.
Brought to you by the same company that takes you to the logout page when you go to the login URL
I had this exact problem when I had to install this. Ridiculous
You’d think such an important application would be properly tested, right?
I got FreeOTP from F-droid. Works like a charm.
Aegis here
I usually use Bitwarden myself, but the company uses Microsoft Authenticator.
I feel your pain
I use it for all of my work accounts. When it gives me troubles, I put my feet up.
I recommend Aegis, but I guess it’s a matter of taste
My university recently forced us to use this shitpile to 2FA, it never fails to disappoint
Probably means there already is MFA setup on that account, and now you doing it a second time.
Or you can just press the “get codes” button in the top right.
The get codes button didn’t work the first time I tried it. But it did now after restarting the app a couple times. A bit finnicky but it works.
Yeah, when your setting it up there’s a button that says something like “use another authenticator app” or it might say something like “configure without notifications”.
Those generate normal TOTP QR codes which you can use in other apps
That sort of risk is one major reason I stopped using MS Auth and went through the painstaking process of manually switching all of my accounts to a FOSS authenticator (Aegis Auth) instead.
Does Aegis sync between devices?
No, but you can back it up (encrypted) and restore it.
TOTP isn’t supposed to be saved in a “cloud”
One day authentication of new users will be impossible and the only way to get on will be to purchase it from someone who already has it. Entire companies will run on a single account hey bought for millions of dollars. News stories will run of a vengeful or negligent employees bricking the one corporate account, until a cartel of business owners attempts to corner the market.
Microsoft works
Jumbo shrimp
This is a configuration item. Nothing to do with the app. It’s a choice your company has made.
Interesting, do you happen to know which configuration item causes this?
The one that forces you only to use ‘passwordless’ logins or forces that MFA challenge. Your admins had a choice on what they allow.
It seems something changed on MS end though because I have control of what MFA i use on our corporate acxount, which was setup with Yubikey, until about a month ago when this Use Your Outlook Mobile started on it’s own
🤷♂️ maybe it’s a bug or change
Whatever it is, somebody at Microsoft made a mistake; it should not prompt you for Outlook Mobile Auth code when that is the actual app you are trying to sign in to, and have no way of retrieving that code. it should have review MS app and if it is Outlook Mobile then move to the next MFA option in your security list.
I mean the error should be better, but there isn’t another method. They are turned off.
In this meme yeah, in my account I get the “try another way” link to let me go back to Yubikey auth option. But it shouldn’t default to Outlook auth if your are trying to sign in to Outlook, that is just lack of forethought
Lmaooo this just happened to me the other day. Drove me nuts
People run into this for company MFA not realizing that their IT can enable new account setups. If it’s a personal account you already have a device setup so I hope you didn’t yeet it into the ocean or you really are screwed
Wait, is this really possible? With Steam you still will be able to access TOPT in the mobile app if you need to log in the same app, at least that’s how it worked.
I mean, there are probably one time passwords that go with some of accounts when using F2A. But I don’t care about Microsoft account either way.
Yeah, I already went to IT several times to ask them to forcibly reset it. I’m WFH now, so I’ll have to pay them another visit on Monday.
Same thing with proton pass. How will i login to proton pass if i save my proton mail password in it.
Why would you store your password manager’s password in your password manager??? That’s like putting a safe’s key into the safe
I know but I remember it was saved by default in it. I am really confused about it. What should I do abt it? Should I just make a memorable password and remember the proton account password? or something else?
Yes, use random words or sentences. https://www.useapassphrase.com/