Copilot for Microsoft 365 Tech Accelerator
Feb 28 2024 07:00 AM - Feb 29 2024 10:30 AM (PST)
Microsoft Tech Community

Microsoft Authenticator on Apple Watch

Brass Contributor

According to this article:

 

Common questions about the Microsoft Authenticator app - Microsoft Support

 

The Microsoft Authenticator app is being discontinued on Apple Watch. I find this very disappointing. I used it many times per day. Yes, it was a bit buggy and unreliable, but it sure was better than picking up my phone every time! Please keep supporting the Watch app!

38 Replies
Agreed. This is the primary reason I use my Apple Watch. This will be a huge step backwards in my day-to-day. I have to authenticate 30+ times a day, and picking up my phone every time is a huge waste of time.
are there any good alternatives for this?
Is there any other Auth app that has apple watch app with the easy to approve a sign in?
An alternative I've used for years and fully trust is Duo Mobile. (Not to be confused with Google Duo, which is a completely different product by Google that has nothing to do with Duo, the company.) I don't think it supports push notifications for third-party authentication (i.e., not sent from a Duo app running on a server or from a Duo-integrated app) and can't remember if it can take the place of Microsoft Authenticator for Microsoft Accounts and Work and School Accounts, but it does allow registering most third-party services for passcode-based MFA, such as Amazon, Google, and PayPal. You can then look up the current passcode on your Apple Watch without needing to use your iPhone.

I was planning on consolidating as many of my MFA-enabled accounts as possible over the holidays to use Microsoft Authenticator so I can cut down on the number of MFA apps I currently use, so I am extremely glad I stumbled across this information now. I will probably test using Duo Mobile for Microsoft-based authentication and, if I remember, will post an update on it here.

This is one of the most disappointing announcements to come out of Microsoft - it was a killer feature of the AzureAD/Authenticator combo and something I relied on and promoted heavily as part of rolling it out - and was much loved by those who used it!

 

I remain hopeful that this is reconsidered - for those that have deployed such solutions it was a really great way to show how frictionless MFA can be…

Extremely bad move on Microsoft's behalf and totally useless. Just fix the issue you have with Face ID and use the standard bypass of this request when the watch is worn and unlocked... Seriously, this is a really bad move.

this is very unfortunate and has a major impact on our company. I don't understand microsoft how they simply switch off such a great function. Technically and user-friendly simply incomprehensible.
Just jumping in to keep this thread alive. I hope MS revisits this decision - I find the ability to authenticate on my watch a huge benefit.
I’m also replying to this thread to express my anger that Microsoft are removing the best feature of their Authenticator app in the Apple space. The watch-face is the perfect place to see the approve/reject buttons when logging into an MS service - who wants to get their phone out every time?!!
Let’s hope they hear their customer voices and relent :crossed_fingers:

@WaynePlummer Yes agreed this is a major step backward for MFA ease of use, and poorly justified based on the little information released.  Let's hope it is reconsidered for the benefit of customers.

What's the situation with this. As the notification that support is discontinued is not shown anymore and this seems to work just fine.

Some people cannot use their phones for Microsoft Authenticator.  There are certain situations where phones with cameras are not allowed.  So, the phone is secured and an Apple Watch is used to respond to MFA push notifications.

 

If support for Apple Watch is removed, it can mean a significant expense for organizations and particularly for contractors that don’t get phones provided to them.  It means switching to an Android phone with no camera, most of which are expensive rugged models, or trying to find some other watch that will continue to support Microsoft Authenticator and work with iPhones, if there is such a watch.  It can also mean the expense of another monthly phone bill.

 

Please consider the impact that this will have, particularly with such short notice.

The only explanation I can find for dropping support for the companion app for watchOS is that it’s "due to it being incompatible with Authenticator security features."  The only place I can find this in Microsoft's documentation is in the How to use number matching in multifactor authentication (MFA) notifications - Authentication method... article.  In that article, it says that Microsoft will enforce the number match experience tenant-wide for all users starting February 27, 2023.  Because of the similar timeframe, it's likely this feature that is incompatible.  Further evidence of that is in Microsoft's response to a post in the New Microsoft Authenticator security features are now available! article:  "Additional Context preview is supported for Apple Watch. However, if the user has Number Matching enabled, they will be unable to use the Apple Watch for authentication. We are working with Apple to address this limitation."

 

I don't understand why this can't be resolved since a similar number matching feature is working with Microsoft personal accounts.  In fact, it's how I authenticated before writing this post.  The only difference I see is that I'm prompted to choose one of three numbers when using my Microsoft account while the Azure AD number matching feature requires entering the number.  Apple Watch allows entering numbers several ways so I don't see why this would be a limiting factor.

 

If number matching is the issue, I hope Microsoft will give admins the option to have users select one of x numbers instead of entering a number so that the watchOS companion app can continue to work, at least until the incompatibilities can be resolved.

I just posted to the Microsoft Azure feedback community. Please vote to keep the watchOS companion app here.

As a Help Desk tech, I authenticate to many services each day. Being able to tap "Approve" on my watch makes the login flow much easier than "pull out phone, faceID to phone, open Authenticator app, faceID again, then tap approve". I've also been getting users moved over from SMS to Microsoft Authenticator and touting the convenience of "just tapping approve on your watch" as compared to getting an SMS or call and entering a code.

 

If I can't use the Authenticator app, I'll just need to set up a third-party TOTP app that I can sync to my watch for ease of access.

Just hopping on to echo the other sentiment in this thread - removing this feature is a major step backwards and a huge disappointment. As a Systems Engineer, I used this feature several dozen times a day. It offered an excellent blend of security and convenience. I hope Microsoft revisits this decision.

I also use this Authenticator for almost all my MFA and now I got to know it doesn't work with Apple Watch anymore! That's really sad like a Huge company like such do something like that. This app on Apple Watch make my day by day super easy and over night my access to it was taken.
I hope Microsoft will reconsider soon after seeing so many users unhappy that's really sad.
Now I will need to find another third-party app that does something I was happy using it for couple of years now.

@DJTentman84 I'm extremely disappointed with this announcement. Today I went to approve a notification on my watch, to find that only the Dismiss option was available & the app has been removed from my watch.

I used this multiple times a day & is so convenient.

 

Bad move Microsoft! 

Agree, I am extremely disappointed about this one, it is literally the only app I use on my watch and it saves me a huge amount of time as I logon many times a day which was easily done using the watch now I have to resort to getting ready to login by finding and opening the phone, and now also run the risk of leaving your phone behind in a classroom.

Come on MS you can do better, give us back this great security tool, its:
good for us
good for you and security

@DJTentman84 

This is really bad... I also used a lot the approval button option on my iwatch, yes with some glitches, but it save me a lot of time.... If I grab my phone, it takes a lot more of time...


It's a shame than a billion dollar company, can't figure it out how to make the iwatch "approval" button works again.... If they can't make it work? Then How do Microsoft expect other developers keep using your tools to make hybrid solutions?

Now than we are speaking of.... please REMAKE Microsoft Authenticator.... it needs to be more usable, you need to think like users, not developers

Before:
iWatch - Notification, turn the wrist, click approve.

Now:
Phone: Notification, Unblock phone, go to notifications or open the Microsoft Authenticator App, unblock the Authenticator App, Approve...

Some one knows if other watches work with authenticator to approve as simple as iwatch was?