A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
What is your concern about installing MS Authenticator.
I mean I can understand the principle of being forced to install anything on your phone.
But just stepping into the practical for a second: What do you worry will happen by installing this app to your phone?
AFAIK on Android it has a hard dependency on Google services. I don't mind installing proprietary stuff to my work profile for the express purposes of work but that requires modifying my system to accommodate this specific app and that's a step too far for my personal device. So I use a free software option (Aegis) instead.
edit: if for some reason I really did need MS Authenticator and not any old TOTP app, I would procure a googled device specifically for work rather than install google or microG into my personal device.
we have o365 and while i do have the authenticator, you should also be able to add a phone number or email address for text/email codes instead of the authenticator (i know my coworker doesn't have the authenticator but gets codes to her sms)
I know Google has a way to "force" you to only use their app, and that's strictly enforced for personal MFAs (I haven't verified that recently), I didn't have that kind of trouble not using the MS one, but I'm not sure my org was as strict as yours on that "force MS" option.
When setting up the authentication when it asks you to set up Microsoft authenticator there should be a drop-down at the bottom of the page that says use another option that will allow you to use a phone call or text message as your chosen method of authentication.
If you don't care about the money you get paid every fortnight then go ahead. Nobody cares! For employers , you are just a number and for you ,employer is the means to get paid.
If you don't need the money then fuck it.
Do like a friend of mine. He has a 15 dollar a month phone(mint mobile) that he uses for all his job related bullshit. Its all it does and he has no personal accounts on it at all. It kinda sucks that they insist on him using his own equipment for it but its the cheapest way to keep them out of his personal life.
You have the right not to use your personal hardware for work, and the employer must provide the necessary equipment to accomplish your job.
Ask if you could get a hardware token (ie: Yubikey Security Key) instead of using Microsoft Authenticator to fulfill the security requirements. It's low cost and doesn't require a subscription unlike a cellphone plan.
...it won't let me edit my other comment but I wanted to add that YES using MFA is demonstratively far more safe than any password you can set.
With a multi factor enabled you could literally give your password out and people could not access your account without being able to complete that second layer of security.
If MS Authenticator still works with totp urls just like any other authenticator then you can just use some open source authenticator. Some password managers even have one built it.