Use Aegis.
The MS Authenticator contains analytics & telemetry & way too many permissions and should not be used: https://reports.exodus-privacy.eu.org/en/reports/com.azure.authenticator/latest/ (it looks more like a scam than legitimate, but that’s exactly what Microslop is in 2026…)
For comparison, Aegis is a legitimate app that only does what it should do: https://reports.exodus-privacy.eu.org/en/reports/com.beemdevelopment.aegis/latest/#permissions
Any other authenticator also works with any MS service so there’s no reason at all to use the MS Authenticator unless you like handing over more data to MS for no reason. EDIT: According to comments, your company might have the option to enforce usage of MS Authenticator only. But this doesn’t seem to be the default, at least in Germany where I’ve heard from 2 sources that they can use any authenticator app for M365 for example.
By the way, Graphene OS is NOT rooted, but what does truth or sane app behavior even mean anymore for Microslop in 2026… Just stop using that garbage.
Agree for personal use.
Professionally I’ve had situations where Ms authenticator was the only option because the only 2FA they allow is push notifications on the authenticator app. :(
I even used freeotp+ for my ORG 2FA and aegis for my personal so I could easily keep them split ( and you can export / securely store the backups somewhere ).
Time to get corps to ditch Microsoft >.>
Professionally I’ve had situations where Ms authenticator was the only option because the only 2FA they allow is push notifications on the authenticator app.
If a company requires me to install specific apps that may or may not work on my device, I expect that company to provide me with a device that can be set up for their stuff.
I’ve run two separate phones for nearly 15 years now: my personal phone, and a work-issued phone. The work phone is turned off and left on my night stand as soon as I get home, and only turned on again when I’m getting ready to go back to work. I don’t carry it 24/7 as some have been led to believe, for some reason. It’s really nice to have that separation. And work pays for it.
My employer is government so they do provide an alternative. If you can’t use Microsoft authenticator, you can get an authentication phone call
Peach. Separation is where it’s at, and companies should be required to provide technology required for work.
In an ideal world “No, I don’t want that on my personal device” should be sufficient, but it’s a lot harder to argue with “No, I literally cannot install that on my device; it’s incompatible. Provide an alternative for me.”
I’m finally taking steps to walk the walk re: phone separation—I’m hoping the Click Communicator pans out, since it seems like the ideal work phone. (I get a stipend for tech, so I can get whatever I want. I’ve been pocketing the extra cash, but it’s time to get an actual work phone.) I’m just hoping I can wait it out and ignore the Authenticator warnings until then, or maybe look into Magisk Hide or whatever.
We do need to get corps to move away from closed source protocols like MS, Google, Meta and others push notifications though. Those are not in anyway safer and are just basically trap to force people to use their apps
Anybody have a good reason to not use Authy? I’ve seen Aegis mentioned quite a bit but nobody supporting/dunking on Authy. I thought they were one of the more popular choices.
Authy also doesn’t work on GrapheneOS.
EDIT: And Authy scrapped their desktop apps. I’m using ente instead.
That makes sense. Thanks! I don’t use graphene but I do use authy and wondered if I should be reconsidering my choices 😅
Authy is closed source and owned by Twilio, a publicly-traded company.
Aegis is FOSS.
Do what you will with this info.
Seems like Authy doesn’t have a feature to export to another app. Guess you re-enable 2fa on each account to move to something like aegis.
That’s exactly what I did. It was a pain because I have so many 2FA-enabled accounts, but it was absolutely worth it.
Yeah I wish I knew, I was using Authy because as far as I knew it was that Google or Microsoft.
That’s fine.
Any job that wants you to use certain software can provide a device it’ll run on for you.
Amen to that. Even if your computers will run it, provide the device. I’m not installing shit on my home computers.
My job has suggested it to me. I say “you know how all these computers run Windows?” They nod. “Mine doesn’t. It’s a Mac.” That usually shuts them up. Never mind that most of what we run will, in fact, run on a Mac, and there’s very little a shitty Wintel box mass produced for the enterprise can do that my Mac can’t do. I mean, I can run Deus Ex natively on the work computer, if I wanna catch hell for it. (But it would be fucking hilarious, especially if I’m at the part where JC Denton hands in his “resignation.”)
and it goes in an old microwave in the laundry room when not in use. right? this isn’t crazy in this day and age is it?
IS IT???
Trunk of the car is fine if you just head straight home. That’s out of mic range. And your employer is going to know your home address anyway so location access is whatever.
Bring it inside when you go on a road trip.
Yep! You want me to use your microslop on your hardware at your company, fine.
A company that has you use your personal device is an awful company and huge red flags in terms of privacy.
deleted by creator
That doesn’t make sense to me, afaiu :
GrapheneOS is NOT rooted by default, and they explicit recommend NOT to do it, because it invalidates a huge part of their privacy guarantees.
Yeah, and Microsoft policy is just about rooted phones.
There isn’t any reason to mention GrapheneOS, unless it is to generate unwarranted outrage.
Which seems to be working on a lot of folk on here.
Well it could just be part of the collective corporate alliance that will always do anything they can to make any kind of freedom cost more for everyone. GrapheneOS is taking your freedom and not feeding on the corporate-issued fodder, and well, they don’t like that. So this is just one more small difficulty added to that choice.
This kind of thing is only the beginning. It won’t be long before absolutely nothing will work on any freedom-oriented OS, software, hardware etc.
Some fires need to start, and soon.
They way Microsoft is checking for root won’t work on GrapheneOS since its done through Google play services, similar to the bank apps. It doesn’t matter if it’s rooted.
privacy guarantees
security guarantees, not privacy guarantees.
With root you can actually control what kind of things each app does and stores, and check what data it transmits to remote servers. But it also breaks/weakens the android security model, where apps can do, store or transmit stuff protected from the eyes of the user of the phone.
But it also breaks/weakens the android security model, where apps can do, store or transmit stuff protected from the eyes of the user of the phone.
Which just sounds insane to me. It’s security through obscurity, which is in and of itself a bad plan, to protect 3rd parties against you … on your own frigging device.
Interesting considering grapheneOS does not actually support rooting.
This is the thing that kills me about the corporate anti-GrapheneOS sentiment. It is 100% a more secure phone, and yet every measure they implement against it cites security as a reason. Total and absolute bullshit.
I mean, they argue against rooted phones as a security reason, but my rooted phones used to be much more secure than they were when they were stock.
Just more of the same idiots ruining shit for everybody.
Because it isn’t really about security. It is about control.
Which means the entire article is bullshit.
It literally states that Microsoft changes its policy to not allow rooted devices. So GrapheneOS has nothing to worry. It doesn’t affect them. Why does the article mention it then at all?
Seems like a clickbait article
Which means the entire article is bullshit.
Not necessarily. It could just be that Microsoft’s “root” detection is misnamed or poorly implemented. They would not be alone in either case.
Oh no
Anyway
Microslop authenticator might not work for my zero Microslop accounts, lack of Microslop sloperating system, OR their piece of shit cloud platform that I refuse to touch?
WHAT WILL I DO
This is what I fear will happen to GOS on Motos. Google decides to mark them as rooted so buh-bye banking apps and others that require a “secure” os.
All these banking apps need google play for the freaking 2 factor code sent via text to work.
Why can’t I setup TOTP for these? Banks I am looking at you.
Another banking app thread, fun! Don’t use phones for banking. One just trades privacy for perceived convenience. For “safety” you give your bank:
- Unnecessary lower-level system access than normal apps, for SAFETY!
- Your location as often as they can harvest it
- What apps you have installed
- Any metadata they can exfiltrate through trackers in the app that can be mated with metadata from other app trackers
- Any personal information they can gather from your phone
Furthermore, if you use tap-to-pay, which some banks require their app be installed to use, you’re then giving every transaction you do, with or without tap-to-pay, to the operating system provider and any third parties along the way. Use your credit card at a store and the phone’s at home? That transaction still gets scooped up.
Finally, you have this object you always carry with you, that has access to all your financial information, that a bad guy just has to punch you in the face to get you to log into your bank and delete all your money. Bravo! With a card, it can be shut off afterwards, and the bank can mark any transactions happening afterwards as fraudulent. With a phone app, they can Zelle themselves your money and the forward it to some cryptocurrency and good luck. Then clean out your RobinHood, your DraftKings, your CoinBase, your 401k, and anything else they find along the way.
Use the bank webapp if one is desperate.
Banking. On. Phones. Is. Stupid.
unfortanely, my bank’s website needs a non standard 2fa that only exist in the app to do anything
Always has been.
Banking on a phone is insecure, and this is one reason. Never use banking on mobile.
Don’t see how banking on phone is anybless secure then a computer.
How long is your password on your phone? How long is your password on your computer?
Each banking app usually has a separate password you have to set and every transaction requires some form of authorisation.
You could make an argument about security concerns in regards to biometric scanners in phones, but short passwords are a universal thing for people that dont care.
You’re letting the bank know everything about you. What apps you have installed, how you use your phone, where you go, you’re just letting them have access to your entire life for mild convenience. Just use the web site and make an icon on the home screen to get to it.
Fuck em. I just got grapheneOS and I advised my workplace we will need a workaround for authenticator.
Unless on Motorola devices (soon).
I hope it’s like FairPhone where you get to choose android or Murena/e/
We wouldn’t want any Graphene OS device to fulfill the requirements necessary to be certified. That would make it useless.
‘Rooted’ doesn’t mean rooted, it means the Google API it checks against says no. And is unlikely to say yes on any device that isn’t ‘official Android’, with Google Apps having System access.
Googles been getting in trouble for requiring Google apps to he certified. So maybe they allow grapheneos through to say see we don’t knowing it well be very niche.
Like my other comment said to someone else, so much for Android “OPEN SOURCE” Project, huh? Only OK if its stuffed with Google shit to make money from?
Make no mistake. If Google does not certify GrapheneOS on Motorola, these devices will be flagged as modified by Googles API just like on any other device.
So much for Android OPEN SOURCE Project, huh?
Only “open source” if Google gets to profit from it?
Works for me.
I mean…okay?
I have a work phone for this exact reason.
work phone stays on my desk. I have removed the microphones. I turn it on at the start of every day, and turn it off at the end of every day.
good luck with that plan Microslop. looks like Microslop is trending too!
You physically removed the mics from your work phone? Damn, that’s dedication.
I wouldn’t call that a phone at that point
it still does Bluetooth.
my headset is dual paired to it and my work laptop.
Good thinking.
it’s an old Samsung that had the glass back shattered. I cleaned it up and did some “maintenance” on it before sealing it back up.
Cool, the fewer people using Microslop apps, the better.
That’s cool. Guess my company is going to have to send me a new phone.
Oh this is some bullshit. Anyone know of a decent FOSS(ish) alternative?
I’ve heard Aegis being mentioned.
deleted by creator
I have been usingnit for Ages, haven’t had a problem.
Been using it for years. No issues at all.
Used for years. The best.
ive used it for months, no issues at all
Aegis
Ente Auth
Now this is shitty. Our company allows only authentication with the app, and I was really happy to give up the shitty phone they offered and just carry one.
I saw the news earlier this or last week, but as my grapheneos is not rooted, didnt think much of it.
Fuck Microslop and fuck Google.
Microslop Authenticator might exclude GrapheneOS in the future due to root detection
So don’t have a rooted GrapheneOS and everything will be fine.
