iCIS Intra Wiki
categories: Info - Support - Software - Hardware | AllPages - uncategorized
Non-Microsoft Authenticator for Microsoft 365
Use a hardware authenticator
If you prefer to use separate hardware authenticator, you can contact C&CZ Helpdesk to request one.
Configure a Non-Microsoft Authenticator for Microsoft 365
This page describes how you can add non-Microsoft Authenticator as a second factor to login to Radboud Microsoft 365 applications.
Caveat emptor: This method is not officially endorsed by the Radboud University ICT Helpdesk. Please be careful to not lock yourself out of your account, as reactivation can take a few days. It is recommended to open a second browser where you are logged in to your account, so that you keep access in case it does not work.
Steps
- Login in to your Microsoft account with your @ru.nl email address;
- Select "Security Info" in the left panel;
- Select "+ Add method";
- Select "I want to use a different authenticator app";
- Scan the QR code with your authenticator app and choose [Next];
- Enter the code from your Authenticator app and choose [Next];
- (Optionally) Select the Authenticator app as the Default sign-in method.
If you add more than one authenticator app, they are all listed as "Authenticator App" in the interface. Experimentation shows that codes produced by any of the registered authenticator apps will work to log in.
Background Information
This method should work with any Time-Based One-Time Password authenticator (RFC 6238). It was tested (on 2022-03-08) with the Yubico Authenticator for Android App, FreeOTP, Aegis Authenticator, and the following little Python program.
import getpass
import pyotp
base32secret = getpass.getpass('Secret key: ')
totp = pyotp.TOTP(base32secret)
print('OTP code:', totp.now())