Microsoft is rolling a new backup system for its authentic app on iOS, which removes the need to use Microsoft personal account to backup the TOTP secret and account names.
Earlier, the Microsoft authentic app required iOS users to sign with an individual Microsoft account to enable backups, whether they were using the app for individual or enterprise credentials.
This created problems in the enterprise environment where organizations often prefer to keep individual and corporate data separate.
The new backup system will continue to use a sign-in iCloud account to store backup, but now not with the need to use a microsoft account. If the company uses a managed Apple ID on its corporate devices, it will be used instead of individual accounts.
Microsoft says that this new feature will start rolling out in September and will end by October 2025, with users a notice about the new experience in the app, as shown below.
Source: Microsoft
Microsoft says that this feature will only be available for users enableing iOS 16.0 or later iCloud and iCloud Keychain. Once established, the account name and TOTP will be supported to the credentials (mystery) iCloud and will be automatically restored on new devices when you use the same Apple account.
Microsoft’s announcement stated, “The account names for all accounts in the Offencator app- work or school accounts, Microsoft personal accounts, and non-microsoft accounts (eg Amazon, Google) should be safely backup using iclouds and icloud kechane in the account (eg Amazon, Google).
The company emphasizes that only the TOTP secret will be supported and there will be no other credentials, and that users can disable the backup feature through iCloud settings on their devices.
Microsoft says that this feature will not automatically require all users without any administrator action.
This feature comes after the recent announcement of Microsoft that they are removing password autofils and management functionality from the authentic.
While cloud attacks can be more sophisticated, the attackers still succeed with surprisingly simple techniques.
Drawing by the detection of Vij in thousands of organizations, this report reveals the 8 major techniques used by Claude-Floid danger actors.
