Same thing with Proton Pass. How will I log in to Proton Pass if I save my Proton Mail password in it?
Why would you store your password manager’s password in your password manager??? That’s like putting a safe’s key into the safe
I know, but I remember it was saved by default in it. I am really confused about it. What should I do about it? Should I just make a memorable password and remember the Proton account password? Or something else?
Yes, use random words or sentences. https://www.useapassphrase.com/
Anyone else hate Microsoft forcing you to use Authenticator rather than alternatives?
Just another way I’m forced to install Microsoft crap on my devices :/
It’s been a long time since I set it up, but I have Microsoft accounts in my usual TOTP app (Aegis). Maybe I did it manually? But it’s definitely possible.
PSA, don’t use Microsoft Authenticator. It’s easy to accidentally wipe your cloud backup and lose all your authenticator codes when switching devices.
I think you can use standard TOTP regardless if you add TOTP as an option in the authentication methods on your account page. At least I did and the system has yet to complain.
Nope, IT can disable third-party TOTP services, and force all employees to use the official MS Authenticator app.
Is there actually any way to export the secrets from MS Authenticator? I’ve been wanting to move them to something like Bitwarden but it’s gonna take ages if I have to reset all ~50.
They provide “Cloud Backups”.
Take the time, move them 5 a day. Better than losing them forever.
Yes, and while you can move it phone to phone on iOS, you cannot on Android. So stupid.
If you are forced to use it by your company, just use it for that email, nothing else. Use something like Authy instead.
If your company forced you to use mobile authentication, they should also be providing you with a device on the company plan at no cost to the employee.
In which case you should absolutely use MS Auth and give them all your delicious work data because nothing personal should be on the device anyway.
Can you provide more info on how it’s easy to accidentally wipe? I’ve only done a transfer once, but it was by installing Authenticator on the new phone and logging in, then deleting the other one on the old phone after testing that the codes work.
You have to begin the recovery on the new device before logging in. If you log in normally and enable cloud backup on the new device, it will simply overwrite the existing backup with a new empty one.
This is a configuration item. Nothing to do with the app. It’s a choice your company has made.
The one that forces you only to use ‘passwordless’ logins or forces that MFA challenge. Your admins had a choice on what they allow.
It seems something changed on MS’s end though, because I had control of what MFA I use on our corporate account, which was set up with Yubikey, until about a month ago when this Use Your Outlook Mobile started on its own.
My admins said they see a big red “insecure” banner if they allow other 2FA apps.
I got FreeOTP from F-Droid. Works like a charm.
I usually use Bitwarden myself, but the company uses Microsoft Authenticator.