Forum Discussion
Two factor authentication and Android mail client
The solution is to establish an APP-password in your profile/account and use this instead of your standard password.
I have put in a lot more testing into this and there is unfortunately no fix for Android devices using native email that are managed by a corporate MDM platform - Airwatch & InTune in my case.
As you say the APP Password does work but I am trying to avoid this as we don't want to manage them and they do not change without a manual process so not very secure.
The ideal is that MDM's can force OAuth requests to Android but this does not seem to be supported at the Android layer, Apple do have it though with iOS and it works.
The only other options I have worked out are -
1 - Register the device via active sync for email but it's not then managed
2 - Use the Outlook client for android - creates a massive change control issue as 99% use native email client.
Thanks for your reply though 😉
As a follow up, we ended up just recommending that people download and use the Outlook client application. The app password idea mystified users in our organization and was really hard for them to use. We pitched the idea as creating a seperate mail app segregating your work life (Outlook app) and your home life (Default mail app). We've had many people within the org thank us for this concept.
- I prefer to have all my calendars in one place, and I prefer the folder (sub folders) handling in the native Android mail client.
If I disable MFA and go back to the point we had no issues, what am I risking?KCox61 Greetings, I did not see a reply to your question so if I may. MFA will not effect the functionality if you get it working and it is usually a one time deal.
What is at risk, should someone gain access to your credentials, they will be able to use them on any device to access your emails and your Office account as a whole.
In todays world it is almost a necessary evil to use MFA.
That being said, I Apple and Android products I use and I prefer to use Outlook as there are no sync issue with my desktop calendars, contacts, etc..
Hope this is helpful
