Flaw has Microsoft Authenticator overwriting MFA accounts, locking users out


Microsoft stands out from the authenticator crowd by annihilating accounts when new accounts are introduced via QR code. Despite user complaints for years, no fix has been issued, leaving IT experts wondering, ‘Why would you pick Microsoft?’

“I believe the fix, sorry, I mean workaround for this is to use the Secret Key from the Identity Provider and manually type this into the Authenticator app during setup,” the user wrote. In his post, Randall described participating in a recent vendor training session: “As we logged into their system, we were presented with a QR code to scan for MFA. A number of attendees opened Microsoft Authenticator, scanned the QR code, and proceeded to overwrite another application’s TOTP (Time-based One-Time Password) key,” Randall wrote.
