Forum Discussion
Multi-Factor Authentication for people without a Smart Phone?
Howdy,
We have a couple people who don't have Smart Phones and need to use MFA. We don't want to use a simple Text Message if we can and prefer to use something a bit more secure. I found there is an Authenticator App for Windows 10 but it doesn't seem to work with O365 accounts.
Are there any sort of keyfob dongle or USB dongle thing that work with Office 365 that we can get for people who don't have smartphones? I've used the kind where the number on the fob changes every minute just like an authenticator app would but that was many years ago.
If anyone knows something we can use to make this work, let me know.
Thanks!
11 Replies
- fido or one time passwort(otp)
you may want to use 1Password. That has a client app or a browser addin that can generate OTP's
https://support.1password.com/one-time-passwords/
Come on Microsoft, my client is blind and uses voice for everything. Please why cram authenticators down everyone's throat? I understand the importance of two factor.
PLEASE ALLOW SKIPPING TO A PHONE CALL, TEXT, ALT EMAIL or SECRET PASSWORD like app password to allow passage through the Monty Python MFA Troll Bridge.
The poor guy CANNOT SEE the Q-Code, much less enter the numbers if sent to an app. He can HEAR the codes if we can set it up for a phone call, or hear his alternate email when the PC or phone reads it to him. I can turn off MFA in Azure, but rather not.I agree with you wholeheartedly, RickkeeC! I'm not blind in eyes, but my eyes are not great. Plus I don't have a smartphone with a line like a regular phone. I have 2 but they are not hooked up as I am still very green and use landline lol. I prefer alternate email to prove I am who I am. I think it should continue to be an option as not everyone has or wants to have a cellphone. Maybe I will in the future, I'm just saying I don't have it now. I also understand the importance of 2FA. So far I've been able to skip the step trying to use my password with my bank, but I realize my time is short and at some point they will not allow me to skip the step and will have to provide a cell number which I do not have. I guess then I may not be going to my bank online anymore. Shame, because isn't it supposed to be keeping hackers out of MY account?! - not keeping ME out of my OWN bank account!
I use WinAuth.exe on desktop/Laptop to create MFA for people without SmartPhone.
Works as a charm .
cheers.
Jan Swinkels
- well if you are using your laptop / desktop to access o365 on the same machine winauth is running, you're not exactly using MFA :P.
Support for hardware tokens, FIDO and other methods is coming soon, as announced in this Ignite session: https://www.youtube.com/watch?v=Au7spkRcDFU
Hi VasilMichev , I have a customer with a similar situation wherein they would like to use UB keys , but they dont have an option to leverage that option at the time of configuration, wherein it still prompts the user to use the authenticator app .
Rahul_SinghWe use the SafeID/Mini tokens from here:
http://www.deepnetsecurity.com/authenticators/one-time-password/safeid/
They work great for those that don't have, or don't want to use, a smartphone.
I forgot to mention that we have a local AD system that syncs up to Azure AD. I don't know if that changes anything or not. We are using Exchange, Teams, etc in Office 365 have AD syncing.
Thanks.
