this post was submitted on 05 Jan 2024
751 points (98.5% liked)

Memes

45680 readers
1128 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] Strawberry@lemmy.blahaj.zone 36 points 10 months ago (7 children)

PSA, don't use Microsoft authenticator. It's easy to accidentally wipe your cloud backup and lose all your authenticator codes when switching devices

[–] Dirk@lemmy.ml 11 points 10 months ago (1 children)
[–] Killercat103@infosec.pub 5 points 10 months ago (1 children)

I think you can use standard TOTP regardless if you add TOTP as an option in the authentication methods on your account page. At least I did and the system has yet to complain.

[–] PM_Your_Nudes_Please@lemmy.world 4 points 10 months ago (1 children)

Nope, IT can disable third-party TOTP services, and force all employees to use the official MS Authenticator app.

[–] Killercat103@infosec.pub 1 points 10 months ago

Sounds like a antitrust violation imo. (Not based in knowledge of laws). In the future I hope to work in a co-op, non-profit, foss or privacy oriented bussiness or whatever. Just something I believe is beneficial to our future and not detrimental. Don't care if I lose potential wages or job security.

Just the standard run of the mill tech company for a private owner idealizing infinite growth for investors and making software that tries taking advantage of the user or even required to use such? Not for me. (I don't need perfection just want improvent)

[–] BluDood@lemmy.world 9 points 10 months ago* (last edited 10 months ago) (1 children)

Is there actually any way to export the secrets from MS authenticator? I've been wanting to move them to something like bitwarden but it's gonna take ages if I have to reset all ~50

[–] Midnight1938@reddthat.com 3 points 10 months ago (1 children)

They provide "Cloud Backups".

Take the time, move them 5 a day. Better than loosing them forever

[–] BluDood@lemmy.world 1 points 10 months ago

Yeah I suppose that's the best solution, I'm just a little impatient lol

[–] scytale@lemm.ee 4 points 10 months ago (1 children)

Can you provide more info how it’s easy to accidentally wipe? I’ve only done a transfer once, but it was by installing authenticator on the new phone and logging in, then deleting the other one on the old phone after testing that the codes work.

[–] Strawberry@lemmy.blahaj.zone 8 points 10 months ago (1 children)

You have to begin the recovery on the new device before logging in. If you log in normally and enable cloud backup on the new device, it will simply overwrite the existing backup with a new empty one

[–] GreenSkree@lemmy.world 4 points 10 months ago

That design is awful

[–] cyberpunk007@lemmy.world 3 points 10 months ago (2 children)

Yes, and while you can move it phone to phone on iOS, you cannot on Android. So stupid.

If you are forced to use it by your company just use it for that email, nothing else. Use something like authy instead.

[–] highenergyphysics@lemmy.world 3 points 10 months ago

If your company forced you to use mobile authentication, they should also be providing you with a device on the company plan at no cost to the employee.

In which case you should absolutely use MS Auth and give them all your delicious work data because nothing personal should be on the device anyway.

[–] toastal@lemmy.ml 2 points 10 months ago

Authy requires a phone number last I checked & is a part of a for-profit entity. TOTP management is a simple task so there is no reason not to be using something open source.

[–] qaz@lemmy.world 3 points 10 months ago

Don't worry, I'm going to keep using Bitwarden for my personal accounts.

[–] Swuden@lemmy.world 1 points 10 months ago

Somehow I don't think there's much risk of anyone doing it willingly...

[–] Midnight1938@reddthat.com 1 points 10 months ago

Learnt that the hard way