Memes

Fun fact: when my country transitioned to a new public authentication app, the default way was to use your passport to register. My passport was expired, though, so I had to show up in person with my birth certificate and social security card equivalent.

To get my birth certificate, I had to show up at the local office with, you guessed it, my passport.

Lucky for me that they accepted it in spite of being expired (none of the pertinent information such as my face, name and birth date had expired, after all), or I would probably be trapped in the loop to this day, years later.

Aegis Authenticator is the best 🏆

PSA, don't use Microsoft authenticator. It's easy to accidentally wipe your cloud backup and lose all your authenticator codes when switching devices

∞-FA

I got FreeOTP from F-droid. Works like a charm.

I had this exact problem when I had to install this. Ridiculous

Microsoft will just refuse to let me log with a third-party TOTP after setting it up. Security key is also "not supported" on Firefox even though it works for every other site.

The most info they will get is my Minecraft account and that's already too much...

Probably means there already is MFA setup on that account, and now you doing it a second time.

Or you can just press the "get codes" button in the top right.

That sort of risk is one major reason I stopped using MS Auth and went through the painstaking process of manually switching all of my accounts to a FOSS authenticator (Aegis Auth) instead.

This is a configuration item. Nothing to do with the app. It's a choice your company has made.

Anyone else hate Microsoft forcing you to use Authenticator rather than alternatives?

Just another way I'm forced to install Microsoft crap on my devices :/

This is specifically an issue with corporate M365 accounts when a user tries to migrate to a new phone without access to the old phone where the authenticator was setup.

Personal MS accounts can backup their auth secret keys to cloud storage, and when signing in on a new device, it authenticates you with your cloud storage (Google/Apple) and properly restores your MS Authenticator app.

The issue is that while MS says you can backup your corporate M365 accounts in MS Authenticator, it doesnt actually store the secret key, so it's useless.

Have your administrator enable TAP (Temporary Access Passwords) on the tenant. Then an M365 admin can create a TAP for your account that lets you login without a password/2FA. You can use the TAP to login and rejoin MS Authenticator app. The TAP expires in 1 hour by default.

I have found that Microsoft has the worst authentication on the planet. From weird, nightmarish loops and processes, to non propagated password changes. Not talking about having multiple accounts etc...

The worst of the worst for me was Atlassian login with Microsoft SSO

Microsoft works

Lmaooo this just happened to me the other day. Drove me nuts

Wait, is this really possible? With Steam you still will be able to access TOPT in the mobile app if you need to log in the same app, at least that's how it worked.

I mean, there are probably one time passwords that go with some of accounts when using F2A. But I don't care about Microsoft account either way.