Microsoft Account with 2FA + Enpass App

[PepeCZ]

Guys good feature for future will be if we can add 2FA into Enpass for Microsoft Accounts.

Now is this last one my account where I must using Microsoft Autenticator, because this is my last one 2FA which Enpass not support.

Ps, two years back I used for 2FA only Microsoft Autenticator with cloud save. But as Enpass released this feature directly into Enpass so I start migrate and now I miss this last one. So I hold Enpass team fingers for some solution (Microsoft Account with 2FA + Enpass).

[PepeCZ]

Because If I open Microsoft Autenticator for Microsoft 2FA, so here is right 4 NUMBERS + 4 NUMBERS

But when I added Microsoft 2FA into Enpass, so in this app are only 3 NUMBERS + 3 NUMBERS

[Pratyush Sharma]

Hi @PepeCZ,

Thanks for your suggestion.

We have noted down your valuable suggestion and forwarded it to the concerned team for further consideration. Thanks for your feedback!

[Guest]

I don't understand this feature request. Microsoft accounts are compatible with 6-digit TOTPs that Enpass generates. I use it for all my Microsoft accounts (personal, work, school).

If Microsoft Authenticator generates another pattern for TOTPs (such as aforementioned 8-digit), that's a completely different question: it's a Microsoft app that uses a specific standard.

I suggest @PepeCZ to simply disable 2FA on the MS Account and set it up using the option for a generic app (typically they relate this to a Google Authenticator icon), it's all compatible. 

[PepeCZ]

@brunovieira97 Yes, Microsoft account is compatible with 6digit, but why not use 8digit in enpass app, for example same as in Microsoft Autenticator.
I mean if exist any method, how improve application Enpass in this, for use 8digit for Microsoft account, so I am definitely in favor of this improvement.

[Guest]

@PepeCZ as I said in my previous comment, I believe that would not be possible to achieve.

You see, TOTPs (the numeric codes) follow a standard that allows a 6-digit or 8-digit number to be generated. When you go to Microsoft's website and set up your 2FA, they give you 2 ways to do so:

1. Use the MS Authenticator app and its proprietary format, generating 8-digit TOTPs
2. Use a generic authenticator app, such as Google's, Enpass' and so on, generating 6-digit TOTPs

Going from 6-digit to 8-digit is fairly simple: you would just generate a URI (or QR Code for it) containing digits=8 as a parameter. So Google Authenticator, Enpass, and all of those aforementioned generic apps would give you 8 digits. But Microsoft doesn't do that. I have just edited my MS account on Enpass and confirmed Enpass does support 8-digit TOTPs.

But if you compare the 8-digit ones that Microsoft uses with third-party apps to the ones generated in their proprietary app, you will see that they don't match up. Microsoft uses a different algorithm for their proprietary app, and when you log in and give you the TOTP, they will only accept:

1. 6-digit from generic apps (using the standard algorithm)
2. 8-digit from their proprietary app (using their own unique algorithm)

If Microsoft gives you a QR for 6-digit on any app that's not their own, you can't use 8-digit. 

[AxelE]

Any news as to that? I have the same issue and it really bugs me to have to use an SMS based OTP instead of using Enpass for these pesky MS365 passwords.

[Abhishek Dewan]

Hi @AxelE

I would like to inform you that Enpass developers have investigated the feasibility of this request. This feature request may be included in future Enpass releases even though we have not yet received any specific version updates. Your support and patience are greatly appreciated.