Asklemmy

43908 readers

1308 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

201

Can I refuse MS Authenticator? (lemmy.ml)

submitted 5 months ago by [email protected] to c/[email protected]

247 comments fedilink hide all child comments

So my company decided to migrate office suite and email etc to Microsoft365. Whatever. But for 2FA login they decided to disable the option to choose "any authenticator" and force Microsoft Authenticator on the (private) phones of both employees and volunteers. Is there any valid reason why they would do this, like it's demonstrably safer? Or is this a battle I can pick to shield myself a little from MS?

(page 3) 50 comments

sorted by: hot top controversial new old

[–] [email protected] 3 points 5 months ago (2 children)

When setting up the authentication when it asks you to set up Microsoft authenticator there should be a drop-down at the bottom of the page that says use another option that will allow you to use a phone call or text message as your chosen method of authentication.

load more comments (2 replies)

[–] [email protected] 3 points 5 months ago* (last edited 5 months ago) (3 children)

You have the right not to use your personal hardware for work, and the employer must provide the necessary equipment to accomplish your job.

Ask if you could get a hardware token (ie: Yubikey Security Key) instead of using Microsoft Authenticator to fulfill the security requirements. It's low cost and doesn't require a subscription unlike a cellphone plan.

load more comments (3 replies)

[–] [email protected] 3 points 5 months ago (1 children)

...it won't let me edit my other comment but I wanted to add that YES using MFA is demonstratively far more safe than any password you can set.

With a multi factor enabled you could literally give your password out and people could not access your account without being able to complete that second layer of security.

load more comments (1 replies)

[–] [email protected] 3 points 5 months ago (7 children)

Do like a friend of mine. He has a 15 dollar a month phone(mint mobile) that he uses for all his job related bullshit. Its all it does and he has no personal accounts on it at all. It kinda sucks that they insist on him using his own equipment for it but its the cheapest way to keep them out of his personal life.

load more comments (7 replies)

[–] [email protected] 3 points 5 months ago

If you don't care about the money you get paid every fortnight then go ahead. Nobody cares! For employers , you are just a number and for you ,employer is the means to get paid.

If you don't need the money then fuck it.

[–] [email protected] 2 points 5 months ago

I am in IT and I feel like I speak for the industry we don't care. Some of my customers have regulators who make arbitrary and capricious decisions with a minimal understanding of infosec but we have to keep the customer compliant.

load more comments