• MystikIncarnate
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    Yeah, I’ve seen that prompt at least 50 times by now. There’s almost always a button to use a different authenticator app, which shifts the code to be TOTP compliant.

    I don’t think I’ve ever seen that button not be there.

    To be fair, the MS authenticator app is also useful as a totp app, so it’s not all bad. I mean, I don’t use it, but it’s not all bad.

    If your company (assuming this is for ms365) can also enable FIDO2, so yubikeys are also possible, but they’re not enabled by default, so your 365 admin needs to go press a button to allow that for you. MS even supports passkey for passwordless login. But again, not enabled by default. Fun fact: Windows 10/11 also support all of this but if you’re on an active directory domain… You guessed it, it’s not enabled by default.

    To their credit, Microsoft has made some pretty significant strides in account security in recent years. It’s pretty impressive; though requiring a TPM for desktop Windows (especially the “home” versions) still makes me raise an eyebrow. Overall it should help with security… But a hard requirement? Okay Microsoft. If you say so.