alt Hacker NewsI recently had to setup Microsoft Authenticator. It refused to register a code unless I enabled notifications.
You are a two factor app. I should never be in a situation where there is an unexpected login I need to verify.
Replies
Apps can know whether you granted permission?? That sounds like a security flaw.
Tip: The iPhone Passwords App has basic TOTP functionality (manually create a password entry and click “Set Up Code”). I have a few dummy passwords which are effectively just labels for some login codes - it’s one less App to install.
AFAICT any TOTP app (FreeOTP+, Aegis...) works just fine with Microsoft services (or Google, etc). You don't actually need to install several TOTP apps.
> I should never be in a situation where there is an unexpected login I need to verify.
Isn't that kind of the point? If someone else is trying to login somewhere with your credentials, your two factor will ping up?
I want scopes like Graphene has for storage scopes. I want this on my phone and browser - let the site/app think it has everything (cookies, storage, microphone, camera, notifications, whatever it wants) but it's all empty and does nothing.