Microsoft is preparing to bring on Amazon as a customer of its 365 cloud tools in a $1 billion megadeal, according to an internal document::Preparations for this huge cloud software deal mark a significant shift in the relationship between the two technology giants.
My company recently started using MS Authenticator for 2FA in our emails. At first I was pleased about the extra security. But the way they implemented it is so fucking bonkers I can’t even handle it.
When you log in, it tells you to check your phone. On your phone you have to enter your password, then wait about 10 seconds, use biometrics, then they show you a number, and then ask you to type that number - on your phone, the same fucking device they showed it to you. And if you miss the number flashing, the text box where you enter the number covers the number so you have to tap “I can’t see the number, hide this box”. Then, if you’re trying to check your email on mobile, you have to force quit Outlook because it won’t load new emails until it launches.
The worst part is that you lose your token two times a day. So you have to log in twice a day on every device you use. It’s such a hindrance to productivity it’s insane.
That’s pretty shitty implementation… By your IT department
Something is definitely wrong… or set up differently. I haven’t had the need to use 2FA for Microsoft products on anything after the first time I sign in to a new device. Contact your IT department. They may be able to help you.
This is company wide and countless complaints have been made.
That does not sound right. They should be promoting you to enter the number on the device where you initiated the authentication, not on your phone; at least that is how it works for me when I connect my company laptop to VPN - I have to use MS Authenticator on my phone, which shows a number (protected by two biometrics), which I then have to enter on my laptop.
No, OP is completely correct. It’s all down to how the company configures their MFA, but MS MFA will definitely show you a two-digit number on the system you initiated the auth on, and force you to type that on your Authenticator app.
I work with a vendor that has this setup and do this every day when accessing their systems.
Thankfully my own company doesn’t have the type a number stuff turned on.
Yes you are right, that is how I have to do it - I got it the wrong way round in my previous post. I enter the numbers into the app on my phone.
Yea thats a really bad implementation. We use 2FA at my work and its much less cumbersome than this.
Your IT department set it up wrong in your Microsoft tenant.
And if you decide not to use ms Authenticator every time you log in with a third party one it’ll recommend you to get it every time. Don’t sell me shit when I’m trying to securely log in.
We’ve gone through a few different models for MS Authentication at work. The current one is to put in your password for what you’re trying to access on the laptop, then it prompts for a number, and the phone gets a push notification to tell which number. It works well enough. I just wish SSO worked more so I didn’t need to put in my password so much.
We get the number on our device and the notification on mobile is right quick, so by the time you’ve unlocked your phone you click the notif, copy the number and done. That’s not too unbearable.