I'm getting a new top of the line Samsung cell phone. Not because I want one, but because the company I work for has started requiring the use of Microsoft Authenticator to access our cloud interfaces. This means that even though I have only a desktop computer that sits in our office and is connected to our network via an ethernet cable, I need a >$1000 cell phone to show I am "secure".
#DumbAllOver
#MicrosoftSucks
@lightweight @lwriemen Indeed. Independent authenticators aren't well publicized because there is no marketing team trying to make you believe you need a cloud login to use one.
A TOTP auth can work just fine offline. It doesn't need to come from a cloud or be connected to anything. I've used both Aegis and KeePassXC and both work fine.
@lwriemen but why a "top of the line Samsung"? There are cheaper phones, there are even cheaper Samsung phones, that run MS authenticator.
@rogerparkinson The company had two options, top of the line Samsung or top of the line iPhone. I'm sure the normal consideration for a corporate phone is for a bigger number of uses.
#CorporateWaste
I made them buy me the cheapest iPhone Apple still sells and run Authenticator on that. Can't imagine what check they would be running through MDM that would need a brand new phone. Up-to-date OS, sure....
@lwriemen fwiw, I recently converted a Microsoft account I'm required to use (to access my employer's leave system) to let me get my auth codes from Aegis instead... it wasn't a well publicised option, but it works.