Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically π.
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β 
Block β 
οΈ WipeLet your help desk and security teams know.
@merill@infosec.exchange cringe
-
@domi@donotsta.re @merill@infosec.exchange good guy microsoft protecting us from big scary threats whilst locking token protection (the primary defence to phishing your creds out) behind expensive entra licenses. be so fuckin fr
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
@merill magisk module to hide root incoming in 3, 2, 1...
-
@domi@donotsta.re @merill@infosec.exchange good guy microsoft protecting us from big scary threats whilst locking token protection (the primary defence to phishing your creds out) behind expensive entra licenses. be so fuckin fr
@amy@sk.girlthi.ng @merill@infosec.exchange microslop will save us all!
(they canβt censor me here :^)
-
@amy@sk.girlthi.ng @merill@infosec.exchange microslop will save us all!
(they canβt censor me here :^)
@domi @amy
@microsoft get them -
@domi @amy
@microsoft get them@kuriko@wetdry.world @domi@donotsta.re @microsoft@lea.pet OH GOD OH FUCKK
-
@merill I have to admit one of the reasons I use the web application for Outlook on my phone is because installing the Outlook app and adding my work account to it would in theory give work access to control (parts of) my phone - which I don't want. I didn't think the authenticator alone would give that level of access to the device though!
Is this likely to just drive more people to switch to using Google's authenticator (or another TOTP app) instead of the Microsoft one? I do anyway, because I was already using it for other sites, and it was easier to have them all in one place. You'd lose push authentications: but I feel safer without those anyway!
-
Soo instead of just rooting a phone one needs now to also deploy 38473894 shady scripts and workarounds to hide it from Microsoft Authenticator?
Congratulation on improving security (NOT).
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
@merill yeah sure, make sure we can't control our devices as we want to, but only as the duopoly/governments allow. Great step toward freedom and security /s
-
Ehm, the azure codes are a bit different than the TOTP ones. Their app also has a kinda proprietary auth code format too. I think it is mainly about them. As for all others you literally just have to store a picture of the QR-Code you used to set them up...
Edit: But yea, it probably will end in there being a shady cracked version of the Microsoft Authenticator App that continues to work on rooted phones...
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
@merill this idiocy looks like something @GrapheneOS will want to respond to. Microsoft doesn't care if the OS has the latest patches, only that it was certified by the duopoly.
-
Ehm, the azure codes are a bit different than the TOTP ones. Their app also has a kinda proprietary auth code format too. I think it is mainly about them. As for all others you literally just have to store a picture of the QR-Code you used to set them up...
Edit: But yea, it probably will end in there being a shady cracked version of the Microsoft Authenticator App that continues to work on rooted phones...
-
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
Well another pretty bad idea. You seem to have quite a streak with those, lately.
Time to stock up with popcorn and wait for the fallout.
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
@merill Whoa.
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
@merill is this a threat or promise?
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
@merill Who is using MS Auth anyway? Not me for sure! Another reason not to have or use an MS account...
-
Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically
.No IT config needed.
3-phase rollout starting Feb 2026:
οΈ Warn β Block β οΈ WipeLet your help desk and security teams know.
Wow. So a LOT of you folks are not happy.
The good news is your org can still allow you to use passkeys and other Authenticator apps.
-
@merill in other words, devices that the users control, instead of controlled by someone in the Epstein files
You can opt out any time by showing documentation that you are in the files (tangentially mentioned because they cited your work in an email does not count sorry)
-
@merill in other words, devices that the users control, instead of controlled by someone in the Epstein files
@fluffykittycat @merill It's kind of a grey area. They are right that open bootloaders are a security issue but then also you can relock it on some devices.
In any case I don't think I would use the Microsoft Authentication app anyway unless I have to.
