Microsoft Authenticator App

Lord, don't get me started on what a festering turd Zscaler is...

We were using Pulse secure but they had security issues. Switched to Zscaler. Now my PLC apps are AFU. They work but the apps crash and sloooow to load. We all hate it so far but this was rolled out last Friday. Hopefully our IT people get it figured out. Not surprised by the festering turd description 🤣
 
I love Yubikeys everywhere but my phone. Maddening to use there.

Passkeys are going to be amazing.

I feel like we've been swirling around iterating on bad ideas here for a decade and Passkeys are finally a direction that's going to be great. You still have the problem of having control centralized in one place like a password manager or Keychain. But if you know that, you can take extraordinary precautions to protect that one, single thing instead of having to protect all the websites you log in to.

I haven't put my Yubikey on my 1P account yet, but I suppose I could. It's well-sealed up on my devices and attacking it web-side is nigh impossible because you need a secret key along with the password and that secret key isn't on the internet or any network for that matter.

The funny part is that I've been using the same idea as passkeys for years for ssh. That's how their keys work.
 
We were using Okta with a whole mess of company apps, but then we started down the Teams road, cloud Outlook, all that shit. I regularly find an authenticator window that you can't make go away until you enter a code, but then it is always expired, and you have to get it to bring up another window, get another code, etc.

Some days, it makes me do this multiple times in one day, and others, I go an entire week without. Makes zero sense, but I'm happy knowing that some asshole in the IT department has managed to justify his job for another year, until they can find something else to fuck with for no reason.

Somewhere along the way, they seem to have relaxed a bunch of the website filtering though, as I just figured out today that I can bring up Spotify and Gmail, which I couldn't before. Probably an oversight.
 
Makes zero sense, but I'm happy knowing that some asshole in the IT department has managed to justify his job for another year, until they can find something else to fuck with for no reason.
I doubt seriously the "asshole in the IT department" had anything to do with the decision. A CIO or CISO would set the general direction, people under them would run the requirements process to meet the requirements placed on them, and then someone in procurement would get an out of size vote in the whole decision on who to go with based on financials over everything else once requirements are met.

I use MSFT Authenticator for work every day (I work at MSFT), have had zero issues ever with it which is funny, cause just like any other company we have an IT department... I find our signin experience and password/pin/auth management to be pretty damn awesome, way better than the last 2 places I worked before coming here.
 
We use it at work with more than 50k employees... Mostly works fine for me.

Pretty much everything we do is tied into it in some way.

Of course that is Enterprise version and mostly using MFA.

Same here. I use it for all my tokens and have never had an issue with it (on Android).
 
As a former Microsoft employee, I used authenticator a lot starting way before it was available to the public. I had to use it to access all sorts of disparate services across a multitude of platforms and devices. Honestly, the app always worked very well - I only used the iOS version as I’ve never owned an Android phone.

Authenticator was never the stumbling block for me - it was always servers behaving incorrectly because I’d get the same busted behaviors if I used phone or text for MFA instead of the app.
 
The login loop is pure hell if you hit it. But not even the worst thing here. If you don’t receive push notifications for auth then the app recommends that you manually update it. Usually when you do that it works.

Why do they need the very newest client to send a notification? It screams of shoddy engineering.
 