Yes if you have had enabled "Cloud backup" in your Authenticator App before (with Microsoft or iCloud account as recovery account). Of course it is usually up to you to manually save that recovery code somewhere so you can refer to it later.īut from here on out, Microsoft Authenticator App does offer a cloud backup for this reason (and also easily switching devices), but you have to enable it in the app settings. Some services will also give "recovery codes" when you setup MFA, so that when you lose your device, you can use the 1 time recovery code to get back into your account. ![]() So if you have MFA enabled, you may be able to select an option like "I lost my device" during login and then have the option for them to send a text or confirmation code to another device/account. Some services like Microsoft will set you up with multiple account recovery options. The only real advice I can give is if you are locked out of accounts that required OTPs from the Authenticator App, there is usually another way to get back into the account, though you may end up needing to head to the help section of that website/service or contact customer support in some cases. However I doubt they give you the option due to security, and you would need to log into the account anyways which means you've probably already bypassed MFA and can turn it off.įor public/private keypairs, the private key is hardware backed which should mean that a) there isn't a way to export the private key, and b) only the application to create the private key should have access to it The private key never leaves the device when a user is using the backup or restore features of their Authenticator app or when using the operating system app restore features.įor OAUTH TOTP which I believe most apps/websites would use, you may be able to get the "shared secret" from the 3rd party app/website. the Keychain on iOS and Keystore on Android) and exports the public key to Microsoft’s login server. ![]() For accounts using the OATH TOTP standard, there is a shared secret stored both in the Authenticator app and in the identity provider.įor accounts using other mechanisms, the Authenticator creates a public/private keypair in a hardware backed storage (e.g. Overview of how the Microsoft Authenticator works This is probably one of the best articles to explain how to avoid this issue in the future and also point to why you would be unable to recovery those "accounts" in the Authenticator App specifically: ![]() I very much doubt it unless you deleted the app/storage and can use a data recovery application on your device.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |