this post was submitted on 03 Jul 2026
263 points (98.9% liked)

Technology

7038 readers
67 users here now

News community around technology, social media platforms, information technology and governmental policy surrounding it.

What doesn't fit here?

The core of the story has to be technology focused.


Post guidelines

Title formatPost title should mirror the news source title. If you don't like the title of article, look for an alternative source instead of editorializing it.
URL formatPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
[Opinion] prefixOpinion (op-ed) articles must use [Opinion] prefix before the title. Opinion articles refer to articles that their publisher doesn't explictly endorse.
Country prefixCountry prefix can be added to the title with a separator (|, :, etc.) if the news is from a local publisher who doesn't clearly mention the country.


Rules

1. English onlyTitle and associated content has to be in English.
2. Use original linkPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communicationAll communication has to be respectful of differing opinions, viewpoints, and experiences.
4. InclusivityEveryone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacksAny kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangentsStay on topic. Keep it relevant.
7. Instance rules may applyIf something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.


Companion communities

!globalnews@lemmy.zip
!interestingshare@lemmy.zip


Icon attribution | Banner attribution


If someone is interested in moderating this community, message @brikox@lemmy.zip.

founded 2 years ago
MODERATORS
 

Microsoft warns Authenticator will block rooted Android and jailbroken iOS, verify if your phone is affected.

top 50 comments
sorted by: hot top controversial new old
[–] Wizard_Pope@lemmy.world 78 points 2 weeks ago* (last edited 2 weeks ago) (9 children)

Why would you use microsoft Authenticator anyway? There are other options

[–] skooma_king@piefed.social 68 points 2 weeks ago (12 children)
[–] Korhaka@sopuli.xyz 16 points 2 weeks ago* (last edited 2 weeks ago)

I don't really mind using shit software on work devices. Yes it's slow and inefficient, I spent half an hour today on Windows doing what would be a very short command on Linux. Fuck it, get paid the same. I just use Linux at home in my own time.

I'll point out better software exists. If I don't get support in changing it or allowed to change it, fuck it. It's on them at that point.

[–] Wizard_Pope@lemmy.world 4 points 2 weeks ago (4 children)

You can use other authenticators. I use ente auth for my microsoft account

[–] atrielienz@lemmy.world 17 points 2 weeks ago (10 children)

I can't. The authenticator for my job was set up on my work device by my IT department.

load more comments (10 replies)
[–] skooma_king@piefed.social 6 points 2 weeks ago

Depends on how your M365 tenant is configured. Both conditional access policies and authentication strengths can enforce the requirement

[–] tostiman@sh.itjust.works 4 points 2 weeks ago

My work MS account requires MS authenticator specifically, can't use another 2fa app

load more comments (1 replies)
load more comments (10 replies)
[–] blargh513@sh.itjust.works 15 points 2 weeks ago

Some organizations require authenticator; they don't just use it for MFA codes, it's goes deeper than that.

Also, most large enterprise fall for the stupid Microsoft trap. They buy enterpise licensing in bulk (E3, E5, whatever) and bosses who have no brains will say "well, let's use more microsoft products since they're 'free'". The trap is that, yes, your enterprise license agreement includes entitlements to a lot of their stuff, but they nickle and dime you on stupid shit like the storage so you can keep the logging and telemetry data you typically need for security, troubleshooting and some audit requirements.

I can't imagine ever using any of their shit beyond Office products. Their security software is crap compared to most offerings, they still seem to think that networks are bad so we should do as little as possible about them. Azure is just a completely uncontrollable money drain (by design) that is damn near impossible to secure properly once you give developers enough access to actually do their jobs.

I've been working in security for a long time now and they continue to be such a fucking liability and drain on money at every turn. If I ran the zoo, I would switch the entire enteprise to Linux and find just about any other collaboration suite to use.

Fuck Excel and fuck you if all you do with it is make lists. Fuck powerpoint and fuck every boss who is too dumb to read and only can accept information when it is spoon fed to them in a deck. Word is OK, but nobody reads anymore so what's the point?

[–] ThunderLegend@sh.itjust.works 6 points 2 weeks ago (4 children)

I had to use it for my work. They required MS authenticator. I think it's bullshit and tried to export my 2fa to bitwarden. I couldn't. And to add another 2fa .method I need to call support so I gave it up

load more comments (4 replies)
[–] BCsven@lemmy.ca 5 points 2 weeks ago

I had a yubikey as my hardware authentication, then a coworkers email got hacked so IT moved us all to Microsoft authenticator, so now I have a less secure login method LOL

[–] richardwallass@sh.itjust.works 4 points 2 weeks ago (4 children)

When you are using your phone for your work you don't really have the choice.

[–] Wizard_Pope@lemmy.world 5 points 2 weeks ago

If it's work provided sure. But if its your own device then fuck them, not installing that shit on my own device. Provide one for me

load more comments (3 replies)
load more comments (4 replies)
[–] qupada@fedia.io 56 points 2 weeks ago

I can guarantee this will be a hilarious shitstorm of false positives wasting IT departments' time, because their detection of it is massively flawed.

At least once a month my - completely stock, and un-rooted - phone tells me I can't use Outlook/Teams because of root. Every time, a reboot is required to resolve this. One one occasion, TWO reboots.

Ignoring whatever reason Microsoft think they're blocking this for, it's going to regularly block regular users, who are not going to stand for it.

[–] baguettefish@discuss.tchncs.de 51 points 2 weeks ago

microsoft truly hates productivity in the workplace

[–] lemmysmash@beehaw.org 30 points 2 weeks ago (5 children)

Fuck all these totalitarian corpos.

load more comments (5 replies)
[–] turkishcryptid@lemmy.zip 23 points 2 weeks ago

They somehow trying to eliminate everything they cannot control, funny

[–] MrSulu@lemmy.ml 13 points 2 weeks ago (2 children)

It may be painful but a switch to Ente Auth or similar is a must

load more comments (1 replies)
[–] saltesc@lemmy.world 13 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Ths is gonna cause some fun at work. I know our IT team would not be on top of this until one day a portion of employees can't SSO in. Then mayhem will ensue by heels being dug on both sides.

[–] halcyoncmdr@piefed.social 6 points 2 weeks ago

Your company should be issuing devices if employees need to use apps like that. IT issued equipment shouldn't be jailbroken or rooted, it should be managed via MDM.

Otherwise they deserve it for trying to cut corners by having employees use personal devices. If they're doing that, they're almost certainly not paying for the work use of those devices either.

[–] BurgerBaron@quokk.au 13 points 2 weeks ago (1 children)

I don't use my account for email anymore or use Windows very often but I just changed the two factor authenticator to Aegis. They make the text to use an alternative authenticator app tiny blue hyperlink text but you can do it confirmed.

[–] EnsignWashout@startrek.website 5 points 2 weeks ago

Yes. I also switched to Aegis.

[–] MonkderVierte@lemmy.zip 10 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

verify if your phone is affected

No, i don't use spyware.

load more comments (1 replies)
[–] Eternal192@anarchist.nexus 8 points 2 weeks ago (4 children)

Why the fuck would you use a personal phone for work?

Get some cheap alternative and put the authenticator on that phone and say that is your main phone.

[–] Triumph@fedia.io 13 points 2 weeks ago (2 children)
[–] Korhaka@sopuli.xyz 8 points 2 weeks ago

Sure but you can use your own choice of 2FA software for your own stuff

load more comments (1 replies)
[–] OwOarchist@pawb.social 5 points 2 weeks ago

Better yet, if your work requires you to have Microsoft Authenticator, tell them that they need to provide you with a device capable of using it.

Instead of spending your own money on a burner phone just for that, make your work pay for it.

[–] NewNewAugustEast@lemmy.zip 5 points 2 weeks ago* (last edited 2 weeks ago)

I wont use my personal phone for anything work related except authentication. Since it sits in its own little jail, it's fine.

I work all over the world and remote in. I have no other work related devices or equipment.

I look at it as a key card from the old days when I had to go into a building. I think that is a pretty trivial use case and doesn't need them to provide a phone, and in fact I absolutely would not want a device owned by anyone else that I carried around. That is FAR worse.

That said, this change sucks as I will now need to get around this bullshit.

[–] Luminous5481@anarchist.nexus 4 points 2 weeks ago (6 children)

you don't just use authenticator for work. anybody who plays Minecraft uses it.

load more comments (6 replies)
[–] cmnybo@discuss.tchncs.de 8 points 2 weeks ago (2 children)

There are a couple Android ports of KeePass. They are open source and won't care if your phone is rooted.

[–] BrikoX@lemmy.zip 9 points 2 weeks ago (3 children)
load more comments (3 replies)
[–] matrixrunner@lemmy.world 5 points 2 weeks ago

KeePassDX Android does. Been using it for a while now.

[–] Godort@lemmy.ca 7 points 2 weeks ago (4 children)

How does the tool actually check for this?

Does it just use the Play Integrety API, or does it use some kind of other attestation check?

The need for full root privilege has fallen by the wayside assuming you can trust the OS running on the device. I dont hate this change if I can run a custom ROM that will report that the user does not have root privilege and that the OS has not been modified since boot.

[–] Quetzalcutlass@lemmy.world 8 points 2 weeks ago

Probably Play Integrity, since it's still working on my phone with the Play Integrity Fix Magisk module installed.

load more comments (3 replies)
[–] OwOarchist@pawb.social 5 points 2 weeks ago

Because, obviously, you can't be a real person if you don't let the corpos control your device.

load more comments
view more: next ›