Using MS 2FA without MS Authenticator App RRS feed

  • Question

  • Hello, I have a corporate Windows 10 setup which uses MS 2FA for accessing certain resources. It works by installing the Microsoft Authenticator app on my corporate iPhone and adding there an account by selecting "work or school account", then I can choose whether to authenticate directly through the MS Authenticator app or through an OATH token one-time code. It works.

    Now, what I would like to do, is being able to use a different device than my corporate iPhone for authentication. This is allowed by our administrator, we can have more than one device authenticated. However, I would like to use either of these two devices:

    1) a laptop with Windows 10 installed: or

    2) an Android phone with NO access to Google Play or any other Google services, and unable to run arbitrarily downloaded .apk files.

    Regarding 1), I checked some desktop 2FA software, while for 2) I checked all the open source authenticator apps available on F-Droid. However, in both cases the QR scanner returned error. I guess the "work or school account" uses a different format than the traditional ones, in fact I cannot even enter manually the secret key because there is no secret key when I try to authenticate a new device, just a 9-digit code and an URL.

    So I guess what I am asking is: is there a free open-source app able to install an authentication token by providing the 9-digit code + Azure url instead of the secret key? Alternatively, is there a Windows desktop app able to do it?

    Thanks in advance for any reply!

    Thursday, January 24, 2019 5:11 PM

All replies

  • P.S.: I forgot the other obvious solution: is there a way to extract directly the secret key from the MS Authenticator app for a given token?

    Thursday, January 24, 2019 5:12 PM