Microsoft
MicrosoftI thought I posted this, but yes, JonasBack they restore a stub or placeholder entry, and that needs to be shown a new QR code to function. So you have to login to each account and add the new phone, then delete the old one. If you don't have the old phone, you have to use a backup method to approve login, presumably SMS to the number that is now on the new phone. The whole thing takes a few minutes per account.
The process is enough to make me rethink the usefulness of Authenticator. In general, I find it confuses my less-skilled users, who are used to SMS codes but the app is a little hard for them. Some of them have trouble multitasking on the phone (new iOS swipe stuff isn't obvious to them) to approve the login while setting up accounts. And if I have to keep a backup SMS method around in case I lose the phone, I'm not sure how Authenticator improves security, since I'm still vulnerable to SIM-jacking. It's nice not to have to type a code every time I login, but I'm sure that I used all the time I saved and more rebuilding 14 Authenticator accounts after changing phones, and you have 40!
I'll add that the MFA setup flow is not good - it adds a generally unneeded default App Password, and I have to go out and come back to aka.ms/mfasetup to delete that and add the Authenticator, it can't be done as part of the initial flow.
PS: sorry for duplicated content. I thought I posted above, but it hadn't shown up yet when I typed this.
