So my company decided to migrate office suite and email etc to Microsoft365. Whatever. But for 2FA login they decided to disable the option to choose “any authenticator” and force Microsoft Authenticator on the (private) phones of both employees and volunteers. Is there any valid reason why they would do this, like it’s demonstrably safer? Or is this a battle I can pick to shield myself a little from MS?

  • ElderWendigo@sh.itjust.works
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    6 months ago

    And my point was that a separate corporate device makes it trivial to manage my privacy and availability. Using my personal phone for work is a hard NO.

    • Saik0A
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      2
      ·
      6 months ago

      Your point is illogical.

      You stated

      they are entitled and expected to track it

      Just to turn around and back-peddle

      If I don’t want them tracking me I just turn it off

      Are they entitled to it or not? If they’re entitled, then why do you have a right to cut it off? I’d argue they have no right to it to track me off hours at all… regardless of the device used. u2f tokens like yubikey would be just as sufficient for 2fa with none of the tracking.

        • Saik0A
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          6 months ago

          Or I brought up a point that you didn’t consider, and rather than addressing it you need to resort to low level ad hominem. You contradicted yourself. Either explain the contradiction or move on. There’s no point in this comment unless you’re attempting to discredit me without reason which just makes you look bad.