Difference between "Microsoft Authenticator" and "Authenticator app" in Security Info

Iron Contributor

When I visit Security info (https://mysignins.microsoft.com/security-info), I see two different sign-in methods, "Microsoft Authenticator" and "Authenticator app". I have added my Microsoft work account only in one authenticator app (Microsoft Authenticator) on one device.


What is the difference between those methods?




This is how my account looks on the Microsoft Authenticator side:








6 Replies
Seen that before as well. There's no difference in behavior but imagine it depends on how it the Authenticator app was set up. I.e., adding from the sign-in process vs adding yourself from the Security info page. You can delete one of them.


I tried deleting "Microsoft Authenticator", which worked. But after that I did not receive any notifications in the app.


Then I tried deleting the "Authenticator app" entry, which also worked, but after that I was not able to select "Use an app instead" while logging in the browser.


I assume that each entry has its own meaning. When I look at the selection of the default sign-in method there is further explanation:




There are other Authentication apps, and you can also decide which options should be available based on the MFA service settings.

Aren't those settings the obsolete? This is the "old MFA", which should not be used anymore. I have set every user to "Disabled" in the per-user MFA portal. Do the settings there still apply?
Yes, they are "legacy settings". But still, you can configure settings in there. You should obviously not use per-user MFA. I'm just mentioning the service settings (2nd tab).
Ok, I am disabling all user accounts, so the per-user MFA is not used any more.

We see a pattern, that users with admin roles have two authenticator apps enabled ("Microsoft Authenticator" and "Authenticator app"). And deleting one or the other prevents passwordless sign-in from functioning.