Fun fact: when my country transitioned to a new public authentication app, the default way was to use your passport to register. My passport was expired, though, so I had to show up in person with my birth certificate and social security card equivalent.
To get my birth certificate, I had to show up at the local office with, you guessed it, my passport.
Lucky for me that they accepted it in spite of being expired (none of the pertinent information such as my face, name and birth date had expired, after all), or I would probably be trapped in the loop to this day, years later.
Aegis Authenticator is the best 🏆
This is specifically an issue with corporate M365 accounts when a user tries to migrate to a new phone without access to the old phone where the authenticator was setup.
Personal MS accounts can backup their auth secret keys to cloud storage, and when signing in on a new device, it authenticates you with your cloud storage (Google/Apple) and properly restores your MS Authenticator app.
The issue is that while MS says you can backup your corporate M365 accounts in MS Authenticator, it doesnt actually store the secret key, so it's useless.
Have your administrator enable TAP (Temporary Access Passwords) on the tenant. Then an M365 admin can create a TAP for your account that lets you login without a password/2FA. You can use the TAP to login and rejoin MS Authenticator app. The TAP expires in 1 hour by default.
Brought to you by the same company that takes you to the logout page when you go to the login URL
∞-FA
My university recently forced us to use this shitpile to 2FA, it never fails to disappoint
One day authentication of new users will be impossible and the only way to get on will be to purchase it from someone who already has it. Entire companies will run on a single account hey bought for millions of dollars. News stories will run of a vengeful or negligent employees bricking the one corporate account, until a cartel of business owners attempts to corner the market.
I have found that Microsoft has the worst authentication on the planet. From weird, nightmarish loops and processes, to non propagated password changes. Not talking about having multiple accounts etc...
The worst of the worst for me was Atlassian login with Microsoft SSO
Lmaooo this just happened to me the other day. Drove me nuts
People run into this for company MFA not realizing that their IT can enable new account setups. If it's a personal account you already have a device setup so I hope you didn't yeet it into the ocean or you really are screwed
Wait, is this really possible? With Steam you still will be able to access TOPT in the mobile app if you need to log in the same app, at least that's how it worked.
I mean, there are probably one time passwords that go with some of accounts when using F2A. But I don't care about Microsoft account either way.
Aegis Authenticator. Dont trust MS or Google your stuff
