Microsoft Authenticator App - restore on new phone?

What is the recommended workflow to restore the Microsoft Authenticator App on a new phone, in case a user loses his phone or receives a new phone?

6 Replies
As long as they still have access to the account to which the app data was backed, follow the steps here: https://support.microsoft.com/en-us/topic/bb939936-7a8d-4e88-bc43-49bc1a700a40
Unfortunately not. But the "old" phone is still available. I am trying to set up the backup, because we are going to exchange a few phones in our organization.

From what I see a personal Microsoft account (?!) is needed to back up the Microsoft Authenticator data. Is there no option to create a backup with a business account?
Also, Work Accounts are never completely backed up/restored. They need to approve the account sign-in from the old phone or an alternative method. I assume this is a security decision so that MFA methods for work accounts are not stored in iCloud, for example, for iOS devices.
Microsoft recommends abandoning Phone/SMS and switching over to Microsoft Authenticator. Personal accounts for backup is definitely not an option, and you say the account needs to be approved on a new phone.

What options do I have if a user loses his phone on a business trip?
If you allow SMS/Phone Call they can sign in using this method. If you ONLY allow Microsoft Authenticator the user needs to call the helpdesk to get their MFA methods reset and add a new Microsoft Authenticator on a new phone they get from somewhere. Of course, there are other alternatives too, like FIDO2 or software/hardware OATH tokens, but that is additional stuff.
But isn't FIDO2 or Software/hardware OATH tokens a better alternative, when SMS/Phone Calls are not considered secure? I don't see the point in having Microsoft Authenticator AND SMS/Phone Call, when Microsoft is telling you that SMS/Phone Call is not secure. This is undermining the security of having Microsoft Authenticator as second factor.