Mar 09 2021 12:51 PM
This is becoming a bigger issue more and more. We cannot, as a company, require our Employees to use a personal cellphone to get text codes or install work apps to authenticate our work accounts.
We supply these users with a Business Voice license so they can make business calls and accept business calls.
All of our employees have corporately paid laptops running Windows 10 and all have SharePoint, Email, OneDrive, Teams etc.
Microsoft does not offer the authenticator app on Windows 10 so we can't use that method.
So what do we do? Leave all these accounts vulnerable? I've read about using "landlines" for authentication then Microsoft says that's not secure but then provides no guidance on exactly how we're supposed to do this.
We cannot be expected to pay for a cellphone for all these users just to use one app. That's ridiculous.
Mar 15 2022 10:03 AM
Mar 15 2022 10:34 AM
Mar 17 2022 08:55 AM
Jun 10 2022 03:36 AM
Jul 21 2022 01:07 PM
Aug 12 2022 06:32 AM
@luvsql Not to mention that on top of that half the office I support they don't receive mobile signal anyway - work or personal mobile phone won't work
Sep 23 2022 08:42 AM
I object and resent being forced to use MFA that only allows for a telephone or a cell phone. It's obnoxious, and not hack-proof. Banks in particular want access to everyone's personal devices, and I just fired a bank for that very reason. No one likes being bullied by giant, greedy corporate entities. There are 3 levels of security to access my account online, and was still forced to waste my time with their MFA BS. bye bye bullies. Personally, the entire banking system should be EMP'd so the world can reset what is of value, and what isn't.
Sep 28 2022 11:13 AM - edited Sep 28 2022 11:25 AM
Until just a couple months ago, I had a T-mobile account that gave me 100 texts, after which is was 10 US cents/text; my impression this was to send OR receive. I text rather rarely and it was an unusual month that I sent received > 20 texts. However, if I had to receive an MFA text, possibly even >once per day, I'd be over the free allotment. It wouldn't be that much, but not negligible, either. I expect my next plan to have unlimited texting, but a company should not assume this. While I am waffling on cell phone carrier, I've been unable to access my company's email for almost 2 weeks. (They dropped the receive call at land line option, because the found it to be unreliable.) I work in a lab and can get by without constant email access, but at least once I didn't know of a data need as quick as I should have. Companies need to consider whether everyone has (free) access to texts.
Sep 28 2022 11:24 AM
Sep 29 2022 03:21 PM
Oct 05 2022 09:16 AM - edited Oct 05 2022 09:35 AM
@luvsql Did you find a resolution? We are in the exact same situation. For a variety of reasons, telling employees that they MUST use their personal phones is going to create enormous issues and perhaps legal ones too (not sure of it in the US). What if one forgets their smart phone one day? They can't get to their business email all day long? What if users have a work supplied smartphone but it is shared - can they still each use it for MFA? As another poster mentioned, many of our users can't use their smartphones at work because of the way the building is constructed - no signal. Our police officers are going to be out in their vehicles when accessing email - there is no way other than forcing to use their personal phones? We have one phone number for the entire organization for land lines, we each have an extension from then on, is there a desk phone option that would work in that scenario? Other posters have mentioned that in some countries, it is illegal to force employees to use their personal phones for business reasons. Why didn't MS think this through? Think about the REAL world?
If anyone has heard anything from MS or has a valid solution without using third party options, we'd LOVE to hear from you!
Oct 05 2022 09:24 AM
Oct 05 2022 09:54 AM
Oct 12 2022 01:04 PM
@Matthew Shulman Absolutely not - I want absolutely nothing for my workplace on my personal device. I had the option to use my personal device for work, and I declined. My personal life and work are completely separate and should remain such.
Oct 24 2022 11:23 AM
Nov 11 2022 04:06 AM
In our workplace we are unable to phones on the shopfloor for security reasons. We have implemented
We bought
Here is a video of the process we followed for importing the token details (which were supplied by the vendor in a csv file. we just needed to add the UPN details for the appropriate user \ reader )
https://www.youtube.com/watch?v=dPMUFd5HqQQ
You then simply turn on MFA for the user like you would normally as an administrator
When the user logs in, it will ask for the number off the token.
Solution works well and is surprisingly simple once you know how.
Nov 11 2022 08:57 AM
@cpbowcpbow The Authenticator app doesn't require or need any form of network connection if you select the OTP (Code method). Once registered to the user account - it constantly generates codes every 30 seconds or so based on an algorithm or seed which was linked with Azure at time of registration. So when a webpage displays "Enter the Code from your Authenticator" type message - it already knows what the correct code should be - and if you type in the correct code shown in the app - then you get access. The App itself doesn't need to transmit that code to Azure.
Dec 06 2022 11:53 AM
For OATH authentication do we have software token method? @Vicks1x365
Dec 06 2022 12:16 PM