Your employer might use MS Authenticator but still let you do call or SMS 2FA. If you use a VOIP number, it won't be vulnerable to SIM card swapping attacks.
Asklemmy
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
You have the right not to use your personal hardware for work, and the employer must provide the necessary equipment to accomplish your job.
Ask if you could get a hardware token (ie: Yubikey Security Key) instead of using Microsoft Authenticator to fulfill the security requirements. It's low cost and doesn't require a subscription unlike a cellphone plan.
we have o365 and while i do have the authenticator, you should also be able to add a phone number or email address for text/email codes instead of the authenticator (i know my coworker doesn't have the authenticator but gets codes to her sms)
...it won't let me edit my other comment but I wanted to add that YES using MFA is demonstratively far more safe than any password you can set.
With a multi factor enabled you could literally give your password out and people could not access your account without being able to complete that second layer of security.
I know Google has a way to "force" you to only use their app, and that's strictly enforced for personal MFAs (I haven't verified that recently), I didn't have that kind of trouble not using the MS one, but I'm not sure my org was as strict as yours on that "force MS" option.
Do like a friend of mine. He has a 15 dollar a month phone(mint mobile) that he uses for all his job related bullshit. Its all it does and he has no personal accounts on it at all. It kinda sucks that they insist on him using his own equipment for it but its the cheapest way to keep them out of his personal life.
Would you even need a monthly plan for this kind of thing? It just needs to be able to install the app and run it. If it needs internet you can connect to WiFi. You can get a sim free android for about ยฃ50 outright now.
You do if you want to provide that as your "work" number. Unless you're going to jump though VoIP hoops.
If you don't care about the money you get paid every fortnight then go ahead. Nobody cares! For employers , you are just a number and for you ,employer is the means to get paid.
If you don't need the money then fuck it.
When setting up the authentication when it asks you to set up Microsoft authenticator there should be a drop-down at the bottom of the page that says use another option that will allow you to use a phone call or text message as your chosen method of authentication.