Aegis Authenticator. Dont trust MS or Google your stuff
Probably means there already is MFA setup on that account, and now you doing it a second time.
Or you can just press the “get codes” button in the top right.
That sort of risk is one major reason I stopped using MS Auth and went through the painstaking process of manually switching all of my accounts to a FOSS authenticator (Aegis Auth) instead.
∞-FA
I got FreeOTP from F-droid. Works like a charm.
I recommend Aegis, but I guess it’s a matter of taste
Aegis here
Secur user checking in
Wait, is this really possible? With Steam you still will be able to access TOPT in the mobile app if you need to log in the same app, at least that’s how it worked.
I mean, there are probably one time passwords that go with some of accounts when using F2A. But I don’t care about Microsoft account either way.
This is specifically an issue with corporate M365 accounts when a user tries to migrate to a new phone without access to the old phone where the authenticator was setup.
Personal MS accounts can backup their auth secret keys to cloud storage, and when signing in on a new device, it authenticates you with your cloud storage (Google/Apple) and properly restores your MS Authenticator app.
The issue is that while MS says you can backup your corporate M365 accounts in MS Authenticator, it doesnt actually store the secret key, so it’s useless.
Have your administrator enable TAP (Temporary Access Passwords) on the tenant. Then an M365 admin can create a TAP for your account that lets you login without a password/2FA. You can use the TAP to login and rejoin MS Authenticator app. The TAP expires in 1 hour by default.
I had this exact problem when I had to install this. Ridiculous
Aegis Authenticator is the best 🏆
Thank you, how about for iOS users?
Just switch to Android/AOSP lolI’ve heard good things about Raivo Authenticator for Apple devices, although I’ve never used it myself.
Best one out there
Fun fact: when my country transitioned to a new public authentication app, the default way was to use your passport to register. My passport was expired, though, so I had to show up in person with my birth certificate and social security card equivalent.
To get my birth certificate, I had to show up at the local office with, you guessed it, my passport.
Lucky for me that they accepted it in spite of being inspired (none of the pertinent information such as my face and name had expired, after all), or I would probably be trapped in the loop to this day, years later.
Ohh, that reminds me of when I moved to Sweden. Their digital ID, bankID, is as the name suggests issued by your bank, not the government, even though it is used for all official authentication. And that includes… you guessed it, creating a bank account. So that was a real chicken and egg situation where it seemed impossible to be properly integrated into the Swedish system.
Hi neighbor! waves across Øresund
Yeah, I’m a big fan of Scandinavian style government (unlike the current governments of both of our countries, it would seem) in general, but sometimes the bureaucracy can get a little bit ridiculous 😂
Bare rolig, jeg er tilbage på den rigtige side af Sundet nu 😉
I think you have the situation everywhere. At one time in France they ask you for your bank account details to see that you have funds so that they give an ID. But the bank will refuse to open you an account without an ID. So it will depend on the agent handling your request.
Why do y’all in Europe have your bank manage your legal ID? Seems a bit backwards
We don’t. We show banks picture ID to prove that we are who we say we are. That picture ID is usually our passport or driver’s license, neither of which is managed by the bank.
Anyone else hate Microsoft forcing you to use Authenticator rather than alternatives?
Just another way I’m forced to install Microsoft crap on my devices :/
I have 2FA through Authy on my Microsoft account.
It’s been a long time since I set it up, but I have Microsoft accounts in my usual TOTP app (Aegis). Maybe I did it manually? But it’s definitely possible.
You can work around it to use your own 2FA app.
Did it with my O365 account.
PSA, don’t use Microsoft authenticator. It’s easy to accidentally wipe your cloud backup and lose all your authenticator codes when switching devices
Cooperate forces me.
I think you can use standard TOTP regardless if you add TOTP as an option in the authentication methods on your account page. At least I did and the system has yet to complain.
Can you provide more info how it’s easy to accidentally wipe? I’ve only done a transfer once, but it was by installing authenticator on the new phone and logging in, then deleting the other one on the old phone after testing that the codes work.
You have to begin the recovery on the new device before logging in. If you log in normally and enable cloud backup on the new device, it will simply overwrite the existing backup with a new empty one
Same thing with proton pass. How will i login to proton pass if i save my proton mail password in it.
Microsoft will just refuse to let me log with a third-party TOTP after setting it up. Security key is also “not supported” on Firefox even though it works for every other site.
The most info they will get is my Minecraft account and that’s already too much…
