Azure MFA for shared accounts

Have you ever had an account that you share within a team and all members know the “secret” password. But, A real secret is something which only one person knows! So why not enable multifactor? The problem is that the person configuring the multifactor must be available to answer all other users multifactor requests.

But then I stumbled on this cool trick to configure the Microsoft authenticator app with the same account on multiple devices! And bingo, it worked! Really useful! So, how do we configure this?

When configuring the MFA (for example on http://aka.ms/mfasetup)
Select “I want to use a different authenticator app”
(This can also be used for third part authenticator apps)

Then start the Microsoft Authenticator app on your mobile device and select to add a corporate account.

Finally, and most important!
Use snip and sketch to save the QR code as an image for your team members and then scan the QR code in your own app.

All authenticator apps that scan the image will get the same 6digit code displayed simultaneously. So now, any of the team members that add this account can login with application code MFA

And I know, the whole purpose of MFA is to be “more” sure the user is who it claims to be. But It is less secure to have the account without MFA.

Mr T-bone

Torbjörn Tbone Granheden is a Solution Architect for Modern Workplace at Coligo AB. Certified in most microsoft technologies and over 20 years as Microsoft Certified Trainer (MCT)

You may also like...

%d bloggers like this: