Attention MFA (Microsoft Authenticator) App Users For Your Work - Take Note For Damaged/Lost/Stolen Phones

 

Many, many, many businesses now use the MFA (Microsoft Authenticator) app for work.

(Some people use Duo, but most use MFA.)

The app is designed to initiate an extra security code so that you can log into your work - particularly if you have a VPN.

However, as mentioned, I dropped my iPhone in water (mountain stream) in Gatlinburg.

Here's the issue with that ...

MFA is exclusively a mobile app - there is no browser version.

Thus, your only option is to either buy a new phone immediate or use an alternate cell phone or borrow one (which defeats the whole purpose of extra security.)

There were no local service provider locations in Gatlinburg, so I had to order a new phone online to ship to my home, arriving today.

If you are able to login to your work's security settings, you can temporarily change your security phone number to an alternate phone or family member's phone - but be aware of who you ask - this in and of itself is a security risk if your work involves sensitive information.

If you cannot log in to your work/school's security sign in info at all because you need to authenticate, call your work/school's IT department and they will change it.

But here's the issue with using someone else's phone ...

The latest MFA app version will only install if you have IOS 16 or higher - so iPhones 7, 8, and 9 are automatically unable to install the apps.

(This is the situation we are in, so I'm awaiting for my new phone to arrive so I can work.)

It is absolutely amazing to me that so many businesses are now completely reliant on MFA, which is exclusively a mobile app - that Microsoft has no browser version for..

So if your phone is damaged/lost/stolen, you have to use someone else's phone - which is a bit concerning for security and defeats the whole purpose of authentication security, right?

I mean, let's say you're out of town on business alone - what are you supposed to do, ask a complete stranger or business associate to use their cell phone to securely sign in to your work stuff with sensitive info? 

"Oh, hey, complete stranger on the street, can I borrow your iPhone to be able to log securely log into my work's private servers?"

I don't think so. 

Come on, Microsoft, you can do better.

And even then, the alternate phone must be newer because the latest MFA version won't install on older phones!

Guess Apple wants you to buy a new phone first ...