These are the same companies that don’t support second factors, only have their app as a second factor, or only SMS second factor. Is it too much to ask for smart card or token (yubikey) support?

  • apfelwoiSchoppen@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    ·
    1 year ago

    My company set up two factor for office 365. The type of verification used is the outlook app where you tap on something to gain access. I must have been one of the first to be required to change my password on the stupid 90 day schedule. After changing my 365 account pw I was locked out because I had to log in to the Outlook app and use the outlook app for verification, which didn’t work due to the need to be logged in. You can’t make this shit up.

    • deweydecibel@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      That’s on your IT department.

      Well, it’s also on Microsoft for selling their “modern” security theater bullshit to every IT department in the country while not designing it in a sensible fashion or working with third parties to provide meaningful alternatives to the Microsoft branded shit every employee will soon be required to install on their personal devices…

      But that’s also on your IT department for not warning you or allowing you to keep the SMS/phone verification as a backup for these exact situations. Those aren’t depreciated yet, but some companies have let Microsoft’s recommend security practices (co-written by their sales team) scare them into downright idiocy.

      As someone in IT, here’s what you do: Next time that sort of thing happens, just reach out to them immediately and have them reset everything. They may get annoyed, but you know what? They shouldn’t be. It’s more secure to have an employee call in every single time they need to change a password or re-authenticate a device. It’s inconvenient, unnecessary, and downright annoying, wasting everyone’s valuable time, but hey…it’s more "secure’. If it’s more secure, you aren’t allowed to be against it.