MFA without a Cellphone
This is becoming a bigger issue more and more. We cannot, as a company, require our Employees to use a personal cellphone to get text codes or install work apps to authenticate our work accounts. ...
Forum Discussion
We're not seeing the option for a voice call. Also, if we did have this option and we use the user's Teams phone number as the voice call (since there is no cellphone and there is no office line as that is also Teams Auto Attendant), what happens when Teams needs to reauthenticate? Will the incoming call still work when the app won't launch because it needs to be reauthenticated?
We, nor most people anymore, have an office line with a receptionist that can answer.
We, nor most people anymore, have an office line with a receptionist that can answer.
Agree with MG! It seems there is a huge oversight (or perhaps undersight) by Microsoft on this. Recently, I've even had MFA options that are indeed set up on my account not even get presented as an option. This is super frustrating and I think it's going to drive people away from using MFA. It's like the old joke "User: I cannot log into my email, my password is bad. Support: Check your email for the new password."
MatthewShulmansorry, but on my private phone I donĀ“t install any that belongs to my job. PRIVATE is PRIVATE
- We can't force our employees to use their own personal device for work purposes. That is just not allowed or enforceable (at least it's not in Canada for privacy concerns).
We should also not have to provide a corporate phone to a user that will solely be used to authenticate (which may be only once every 60 days) when we already pay for their AD license with Office. Even the cheapest plans require contracts and hundred of dollars a year to maintain just for 1 Employee. - No nothing is installed, however, you are now using a personal phone's SMS package for business use and also setting up an Employee's personal cellphone number on the employee's setup. We cannot legally require an Employee to use their personal cellphone for business use. Add into this issue the Employee travels outside of their home country and if those texts start happening, we (the business) may now be liable to pay for those charges. It's a big mess that many companies do not want to even get involved with.
- In Canada they sure do.
- If Microsoft would make it easier for businesses to buy USB or Fobs for MFA we wouldn't be having this conversation. I still haven't figured it out and it now seems we have to switch to passwordless but just want a way to authenticate without a phone. Cleary there is a need.
- We've looked into this as well but cannot find a vendor in Canada or US that fully supports it.
Even if the carrier doesn't charge for text messages it's besides the point. The business plan shouldn't be to require your employee have a personal cell phone. While nearly everyone out there does you do have some that wont. Many services require the consumer to have a cell phone for MFA. But that is them providing a service to a consumer. That consumer could choose to not enable MFA or not use that service. We are talking about associates being required to do something to improve security for that business. Unless you have them on a business cell plan the requirement (or provide them a kickback on their personal cell plan) to use a personal phone to perform an expected work function is wrong. Vicks1x365
- Agree its not reasonable for business to force any employee to meet business goals.
But do these employees / associates never use business resources (internet / pc etc.) to for personal use ? luvsql Not to mention that on top of that half the office I support they don't receive mobile signal anyway - work or personal mobile phone won't work
I object and resent being forced to use MFA that only allows for a telephone or a cell phone. It's obnoxious, and not hack-proof. Banks in particular want access to everyone's personal devices, and I just fired a bank for that very reason. No one likes being bullied by giant, greedy corporate entities. There are 3 levels of security to access my account online, and was still forced to waste my time with their MFA BS. bye bye bullies. Personally, the entire banking system should be EMP'd so the world can reset what is of value, and what isn't.
