I think you can use standard TOTP regardless if you add TOTP as an option in the authentication methods on your account page. At least I did and the system has yet to complain.

[–] PM_Your_Nudes_Please@lemmy.world 4 points 8 months ago (1 children)

Nope, IT can disable third-party TOTP services, and force all employees to use the official MS Authenticator app.

[–] Killercat103@infosec.pub 1 points 8 months ago

Sounds like a antitrust violation imo. (Not based in knowledge of laws). In the future I hope to work in a co-op, non-profit, foss or privacy oriented bussiness or whatever. Just something I believe is beneficial to our future and not detrimental. Don't care if I lose potential wages or job security.

Just the standard run of the mill tech company for a private owner idealizing infinite growth for investors and making software that tries taking advantage of the user or even required to use such? Not for me. (I don't need perfection just want improvent)

[–] BluDood@lemmy.world 8 points 8 months ago* (last edited 8 months ago) (1 children)

Is there actually any way to export the secrets from MS authenticator? I've been wanting to move them to something like bitwarden but it's gonna take ages if I have to reset all ~50

[–] Midnight1938@reddthat.com 3 points 8 months ago (1 children)

They provide "Cloud Backups".

Take the time, move them 5 a day. Better than loosing them forever

[–] BluDood@lemmy.world 1 points 8 months ago

Yeah I suppose that's the best solution, I'm just a little impatient lol

[–] scytale@lemm.ee 4 points 8 months ago (1 children)

Can you provide more info how it’s easy to accidentally wipe? I’ve only done a transfer once, but it was by installing authenticator on the new phone and logging in, then deleting the other one on the old phone after testing that the codes work.

[–] Strawberry@lemmy.blahaj.zone 8 points 8 months ago (1 children)

You have to begin the recovery on the new device before logging in. If you log in normally and enable cloud backup on the new device, it will simply overwrite the existing backup with a new empty one

[–] GreenSkree@lemmy.world 4 points 8 months ago

That design is awful

[–] cyberpunk007@lemmy.world 3 points 8 months ago (2 children)

Yes, and while you can move it phone to phone on iOS, you cannot on Android. So stupid.

If you are forced to use it by your company just use it for that email, nothing else. Use something like authy instead.

[–] highenergyphysics@lemmy.world 3 points 8 months ago

If your company forced you to use mobile authentication, they should also be providing you with a device on the company plan at no cost to the employee.

In which case you should absolutely use MS Auth and give them all your delicious work data because nothing personal should be on the device anyway.

[–] toastal@lemmy.ml 2 points 8 months ago

Authy requires a phone number last I checked & is a part of a for-profit entity. TOTP management is a simple task so there is no reason not to be using something open source.

[–] qaz@lemmy.world 2 points 8 months ago

Don't worry, I'm going to keep using Bitwarden for my personal accounts.

[–] Swuden@lemmy.world 1 points 8 months ago

Somehow I don't think there's much risk of anyone doing it willingly...

[–] Midnight1938@reddthat.com 1 points 8 months ago

Learnt that the hard way