this post was submitted on 18 Oct 2023
119 points (94.7% liked)

Technology

59174 readers
3700 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Microsoft is preparing to bring on Amazon as a customer of its 365 cloud tools in a $1 billion megadeal, according to an internal document::Preparations for this huge cloud software deal mark a significant shift in the relationship between the two technology giants.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 26 points 1 year ago (7 children)

My company recently started using MS Authenticator for 2FA in our emails. At first I was pleased about the extra security. But the way they implemented it is so fucking bonkers I can’t even handle it.

When you log in, it tells you to check your phone. On your phone you have to enter your password, then wait about 10 seconds, use biometrics, then they show you a number, and then ask you to type that number - on your phone, the same fucking device they showed it to you. And if you miss the number flashing, the text box where you enter the number covers the number so you have to tap “I can’t see the number, hide this box”. Then, if you’re trying to check your email on mobile, you have to force quit Outlook because it won’t load new emails until it launches.

The worst part is that you lose your token two times a day. So you have to log in twice a day on every device you use. It’s such a hindrance to productivity it’s insane.

[–] [email protected] 15 points 1 year ago

That's pretty shitty implementation... By your IT department

[–] [email protected] 14 points 1 year ago (1 children)

Something is definitely wrong... or set up differently. I haven't had the need to use 2FA for Microsoft products on anything after the first time I sign in to a new device. Contact your IT department. They may be able to help you.

[–] [email protected] 4 points 1 year ago

This is company wide and countless complaints have been made.

[–] [email protected] 13 points 1 year ago (2 children)

That does not sound right. They should be promoting you to enter the number on the device where you initiated the authentication, not on your phone; at least that is how it works for me when I connect my company laptop to VPN - I have to use MS Authenticator on my phone, which shows a number (protected by two biometrics), which I then have to enter on my laptop.

[–] [email protected] 4 points 1 year ago (1 children)

No, OP is completely correct. It’s all down to how the company configures their MFA, but MS MFA will definitely show you a two-digit number on the system you initiated the auth on, and force you to type that on your Authenticator app.

I work with a vendor that has this setup and do this every day when accessing their systems.

Thankfully my own company doesn’t have the type a number stuff turned on.

[–] [email protected] 1 points 1 year ago

Yes you are right, that is how I have to do it - I got it the wrong way round in my previous post. I enter the numbers into the app on my phone.

[–] [email protected] 2 points 1 year ago

Yea thats a really bad implementation. We use 2FA at my work and its much less cumbersome than this.

[–] [email protected] 9 points 1 year ago

Your IT department set it up wrong in your Microsoft tenant.

[–] [email protected] 1 points 1 year ago

And if you decide not to use ms Authenticator every time you log in with a third party one it’ll recommend you to get it every time. Don’t sell me shit when I’m trying to securely log in.

[–] [email protected] 1 points 1 year ago

We get the number on our device and the notification on mobile is right quick, so by the time you've unlocked your phone you click the notif, copy the number and done. That's not too unbearable.