Forum Discussion
MFA without a Cellphone
This is becoming a bigger issue more and more. We cannot, as a company, require our Employees to use a personal cellphone to get text codes or install work apps to authenticate our work accounts. ...
Have you found a solution yet? I thought we could use SafeID OATH TOTP hardware tokens but in the MFA settings in Azure, when you select the method of notification 'hardware token' is combine with authenticator app. so you're still stuck with expecting users to have a smartphone whether it's their personal or work. Like you, we have users that do not have company smartphones and can't rely on their personal phones to authenticate.
I bought a Yubikey 5 USB-C but have not had a chance yet to test it out. Hoping it works. It's expensive ($65 in Canada) but still cheaper than a cellphone plan.
Noting that your post is from many months ago, I was wondering what, if any, solution you eventually settled on. Did you proceed with the Yubikey solution, select another, or are you still researching alternatives? I would greatly appreciate an update as we too are now looking for a similar solution. Thankyou.
- Deepnet Security SafeID classic token I was able to get a quote from them today. About $16 USD. I found a virtual token tool (https://www.token2.com/site/page/totp-toolset) to test with Azure and it works well. No need to go into the users MFA security information profile to configure anything, once you upload the CSV file and activate you're good to go.
- Are all of these third party tokens "officially" supported by Microsoft?
- Deepnet says they are. The virtual one is but i'm not purchasing that one I think they are in Europe. You want an OATH TOTP token.
