Jump to content
Enpass Discussion Forum

Microsoft Account with 2FA + Enpass App


PepeCZ
 Share

Recommended Posts

Guys good feature for future will be if we can add 2FA into Enpass for Microsoft Accounts.

Now is this last one my account where I must using Microsoft Autenticator, because this is my last one 2FA which Enpass not support.

Ps, two years back I used for 2FA only Microsoft Autenticator with cloud save. But as Enpass released this feature directly into Enpass so I start migrate and now I miss this last one. So I hold Enpass team fingers for some solution (Microsoft Account with 2FA + Enpass).

Link to comment
Share on other sites

  • 3 weeks later...

I don't understand this feature request. Microsoft accounts are compatible with 6-digit TOTPs that Enpass generates. I use it for all my Microsoft accounts (personal, work, school).

If Microsoft Authenticator generates another pattern for TOTPs (such as aforementioned 8-digit), that's a completely different question: it's a Microsoft app that uses a specific standard.

I suggest @PepeCZ to simply disable 2FA on the MS Account and set it up using the option for a generic app (typically they relate this to a Google Authenticator icon), it's all compatible. 

Link to comment
Share on other sites

  • 3 weeks later...

@brunovieira97 Yes, Microsoft account is compatible with 6digit, but why not use 8digit in enpass app, for example same as in Microsoft Autenticator.
I mean if exist any method, how improve application Enpass in this, for use 8digit for Microsoft account, so I am definitely in favor of this improvement.

Link to comment
Share on other sites

@PepeCZ as I said in my previous comment, I believe that would not be possible to achieve.

You see, TOTPs (the numeric codes) follow a standard that allows a 6-digit or 8-digit number to be generated. When you go to Microsoft's website and set up your 2FA, they give you 2 ways to do so:

  1. Use the MS Authenticator app and its proprietary format, generating 8-digit TOTPs
  2. Use a generic authenticator app, such as Google's, Enpass' and so on, generating 6-digit TOTPs

Going from 6-digit to 8-digit is fairly simple: you would just generate a URI (or QR Code for it) containing digits=8 as a parameter. So Google Authenticator, Enpass, and all of those aforementioned generic apps would give you 8 digits. But Microsoft doesn't do that. I have just edited my MS account on Enpass and confirmed Enpass does support 8-digit TOTPs.

But if you compare the 8-digit ones that Microsoft uses with third-party apps to the ones generated in their proprietary app, you will see that they don't match up. Microsoft uses a different algorithm for their proprietary app, and when you log in and give you the TOTP, they will only accept:

  1. 6-digit from generic apps (using the standard algorithm)
  2. 8-digit from their proprietary app (using their own unique algorithm)

If Microsoft gives you a QR for 6-digit on any app that's not their own, you can't use 8-digit. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...