Microsoft Authenticator to nuke Entra creds on rooted and jailbroken phones
azalemeth
22 points
8 comments
March 11, 2026
Related Discussions
Found 5 related stories in 75.8ms across 8,358 title embeddings via pgvector HNSW
- Your phone is about to stop being yours doener · 1183 pts · April 28, 2026 · 48% similar
- Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild WalterSobchak · 115 pts · March 18, 2026 · 46% similar
- WireGuard VPN developer's Microsoft account locked worik · 21 pts · April 08, 2026 · 46% similar
- Full Disclosure: A Third (and Fourth) Azure Sign-In Log Bypass Found nyxgeek · 86 pts · March 20, 2026 · 45% similar
- EU age verification app hacked, 2 minute How to posted johanstokking · 73 pts · April 17, 2026 · 44% similar
Discussion Highlights (3 comments)
beardbound
Wow, they're actively removing data off the app on your phone? Good reason to never use MS authenticator for anything important. This is also assuming that they're never wrong about this, and that it is foolproof with no false positives. It seems that there's a big difference between "not supported" and actively removing account/auth data from someones phone. This has made me reconsider my 2fa providers. I might have to look at some sort of hosted option that doesn't have this issue. I wonder what the policies are for this kind of thing with authy and okta (and other major 2fa auth platforms).
crimsonnoodle58
GrapheneOS user. Disappointing they consider our OS rooted when its actually more secure than stock Android. So if I'm locked out of my 365 sysadmin user by this, what then? Hopefully disabling the hardened memory allocator, as suggested by the article, holds them off for a while..
wrayjustin
I have a fully stock, not jailbroken/unrooted, up-to-date, relatively new, device that Microsoft randomly determines is "rooted" and blocks access (until rebooted). This happens a few times a month, frequently enough that the false positive rate is very concerning with this change.