> Microsoft has made Authy, Google Authenticator, and similar apps incompatible, a choice that needlessly inconveniences users and undermines the whole “passwordless by default” marketing message.<p>Welp.
It also means that by default you will no longer be able to RDP from one Windows PC to another on your LAN or mount it as a network drive, as neither of these functions works with a passwordless Microsoft account. Even Microsoft's new "Windows App" cannot establish RDP connections between Windows systems on your local network.
This has been possible on my business M365 like forever. But yeah they're pushing their own authenticator too which is annoying. It's Microsoft's way though. Always locking you in. Same with ms365 web which never works properly in Firefox.
If you lose your devices because of a car theft for example, you lose access to everything. Everything!<p>Authenticator needs a login. Logins are only through logged in devices. All logged in devices are stolen. Backup?
According to current docs all business-oriented Microsoft Entra ID accounts support only <i>device-bound</i> passkeys. So the Microsoft Authenticator app isn’t absolutely required, a FIDO2 hardware token like a Yubikey or even TPM-backed Windows Hello is supposed to work for these passkeys too.<p>Software-based “syncable” passkeys (such as Bitwarden) have been on the roadmap for 18+ months but are still not available for business MSFT Entra ID accounts for some reason.
> Left out of Microsoft’s announcement is that even after users create a passkey, they can’t go passwordless until they install the Microsoft Authenticator app on their phone. Microsoft has made Authy, Google Authenticator, and similar apps incompatible, a choice that needlessly inconveniences users<p>I was wondering how I managed to get locked out of my Microsoft account when using Authy. It just fails now.