Depends on what apps you need the 2FA for. Microsoft Teams won't allow any other Authenticator app but Microsoft Authenticator.
Nice, but why not have something like this for passkeys?
I cannot second that.Depends on what apps you need the 2FA for. Microsoft Teams won't allow any other Authenticator app but Microsoft Authenticator.
Regarding adoption of passkeys, I think people in general don’t like passkeys that much, because while in principle more secure, they are a bit of a black box. Entering a password or time-based code is something that everyone can intuitively grasp on some level. The mechanism of passkeys is more opaque and a bit inscrutable.Nice, but why not have something like this for passkeys?
Why is it going so going so slow to move over to passkeys? I thought we would have come much further by now.
Hmm interesting. I have the App installed and it synced my codes from iPhone to iPad without an Proton Account via iCloud.It backs up to iCloud, but according to their FAQ you need to create an account to sync across devices.
View attachment 2533173
I recently switched from Google’s authentication app to Apple’s Passwords app, and it’s significantly better. You don’t have to manually transfer all your accounts whenever you get a new phone because it seamlessly transfers over with your iCloud. This feature works on all Apple devices, so you don’t need to get a new phone if you need a code while using your MacBook. I highly recommend this app to everyone
Texted like SMS?I am just now logging into my Amazon account using Safari, entering a password and it is asking me to enter the code it just texted me.
It depends on the authentication method. Passwordless sign-in with the two-digit code for example is specific to the Microsoft app, I believe. Administrators can also require geolocation information in the protocol, which propably also requires the Microsoft app.I use Authy for all my 2FA needs since years and it works flawlessly with all Microsoft services i use at work? 🤔
Yes. SMS. [Edit: My carrier has the SIM lock feature, and I've locked it, so what other risks are there with SMS 2FA?]Texted like SMS?
Well, most companies don't use this expensive and unsecure method anymore, but a 2FA computer standard to generate the codes in a special computer program. (For example in the Apple password app)
Passwordless yes, but TOTP you can setup different authenticators.It depends on the authentication method. Passwordless sign-in with the two-digit code for example is specific to the Microsoft app, I believe. Administrators can also require geolocation information in the protocol, which propably also requires the Microsoft app.
Someone please correct me if that is incorrect, I wouldn’t mind getting rid of the Microsoft app.
Ok, maybe if you want to use special features, that only Microsoft provides to their services, this might be the case. But our administrators simply enforced the use of 2FA, wanted to be as independent as possible and insisted of using a secondary device (mostly the personal mobile) for authentication. So they used the widespread method, that works with all 2FA apps.It depends on the authentication method. Passwordless sign-in with the two-digit code for example is specific to the Microsoft app, I believe. Administrators can also require geolocation information in the protocol, which propably also requires the Microsoft app.
Someone please correct me if that is incorrect, I wouldn’t mind getting rid of the Microsoft app.
This isn’t true. They hide the link to use a different app for 2FA in Microsoft account settings — Microsoft Authenticator is the big blue button “golden path” — but it’s there. (It might be different if you’re using a Microsoft account provided by your organization, not sure.)Depends on what apps you need the 2FA for. Microsoft Teams won't allow any other Authenticator app but Microsoft Authenticator.
I do. It's fine for my needs.Awesome. I love Proton. I already use Proton Pass to store my 2FA codes. It would be cool to be able to export all my codes to this app and run it offline. They updated Proton Pass the other day and it logged me out so I couldn't do anything until I got home. I did use to have my Proton 2FA code in Google Authenticator and I have a printed copy of my code at home in a safe.
This could be super useful. Going to look into it now.
Yeah but who actually uses Apple Passwords lol. It's so barebones and behind every other password manager.
What you are referring to is called SMS 2FA. It's considered less secure because SMS messages can be intercepted without having access to your device.I am just now logging into my Amazon account using Safari, entering a password and it is asking me to enter the code it just texted me.
An attacker can spoof locally generated TOTPs if the setup code is compromised or brute-forced, neither of which necessarily requires physical access to a device. It’s definitely more secure than SMS-based 2FA, but a shared secret is only as good as its secrecy.What you are referring to is called SMS 2FA. It's considered less secure because SMS messages can be intercepted without having access to your device.
This and other authenticator apps don't use SMS, they essentially generate a rolling code locally on your device that is synced with the various services you've enrolled with it. When prompted for your 2FA code, you use this app, to provide it. Nobody can intercept it unless they have your device and can log into it.