undefined | Better HN

0 pointstokyobreakfast1mo ago0 comments

> Dude, it's 2025.

Actually, it's 2026 and has been for six weeks.

> A few years ago, I accidentally left my phone at home when I went to work, and when I arrived I found that because I no longer had my 2FA device, I couldn't do any work until I went home again and picked it up.

Sounds like a personal problem. There are many other 2FA authenticators available. Yubikey, TOTP tokens, smart cards, etc. Using a smartphone (which can lose power at any time) for critical authentication was a silly idea to begin with. I would refuse anything work-related on my personal phone.

0 comments

ben_w1mo ago

> Actually, it's 2026 and has been for six weeks.

D'oh. But fair.

> There are many other 2FA authenticators available.

Specified by job, so no choice in this matter.

> I would refuse anything work-related on my personal phone.

Quite reasonable as a general rule, though my then-employer only required the 2FA app and nothing else, and in this case it would've just meant "get an additional phone".

sensanaty1mo ago

We were literally not given the choice in the matter, in the case of $JOB. Plenty of people complained about having to use their phones to access the buildings, but that was the policy.

I suspect the next thing you're going to say is along the lines of "then just switch jobs", though.

Izkata1mo ago

> I suspect the next thing you're going to say is along the lines of "then just switch jobs", though.

I mean even that might not work out. We just switched to MS Teams last year and Microsoft uses a push-based app, not TOTP or other offline keys like we'd used before. And Teams just seems to be getting more popular...

kuschku1mo ago

Microsoft can actually use TOTP, Push, or offline keys.

Which of them are available depends on what your company has configured.

If the push version is configured, it's possible it has also installed an MDM profile on your device. Avoid that, or your phone will get wiped when you leave the company in the future.

theshackleford1mo ago

> I would refuse anything work-related on my personal phone.

What a wonderful privileged position you hold. If only everyone could afford to tell their employer to pound sand in the same heroic manner you have undertaken.

So brave.

kuschku1mo ago

Join a union. That's what they are for.

j / k navigate · click thread line to collapse

0 pointstokyobreakfast1mo ago0 comments

> Dude, it's 2025.

Actually, it's 2026 and has been for six weeks.

0 comments

ben_w1mo ago

> Actually, it's 2026 and has been for six weeks.

D'oh. But fair.

> There are many other 2FA authenticators available.

Specified by job, so no choice in this matter.

> I would refuse anything work-related on my personal phone.

Quite reasonable as a general rule, though my then-employer only required the 2FA app and nothing else, and in this case it would've just meant "get an additional phone".

sensanaty1mo ago

We were literally not given the choice in the matter, in the case of $JOB. Plenty of people complained about having to use their phones to access the buildings, but that was the policy.

I suspect the next thing you're going to say is along the lines of "then just switch jobs", though.

Izkata1mo ago

> I suspect the next thing you're going to say is along the lines of "then just switch jobs", though.

kuschku1mo ago

Microsoft can actually use TOTP, Push, or offline keys.

Which of them are available depends on what your company has configured.

If the push version is configured, it's possible it has also installed an MDM profile on your device. Avoid that, or your phone will get wiped when you leave the company in the future.

theshackleford1mo ago

> I would refuse anything work-related on my personal phone.

What a wonderful privileged position you hold. If only everyone could afford to tell their employer to pound sand in the same heroic manner you have undertaken.

So brave.

kuschku1mo ago

Join a union. That's what they are for.

j / k navigate · click thread line to collapse