We've just taken over a small family-run company, and the IT person currently has all the MFA (Multi-Factor Authentication) codes linked to Microsoft Authenticator on her phone. Is there a way for her to transfer those TOTP (Time-Based One-Time Password) codes to my Microsoft Authenticator? Or will we have to go through each account, which is over 50, and set up MFA again by scanning all the QR codes with my phone?
3 Answers
Consider moving to a password vault that supports TOTP! This way, the codes won’t be tied to just one device, and you can easily share access with anyone else who needs it. It’s a good way to keep everything organized, especially for admin accounts. For personal accounts, your phone is fine, but for work-related stuff, use a vault.
I found this Microsoft link about transferring the Authenticator app, but just so you know, unfortunately, you can't transfer work accounts—the tokens are tied to the device they're set up on. So, you might be stuck resetting things manually.
Are you sure you want to set yourself up for the same mess you just took over? It might be worth looking into best practices for managing MFA. Seriously, consider using a PAM (Privileged Access Management) tool like Bitwarden instead of just setting it up on your phone. Makes managing access way smoother!
That's a bummer! Seems like a lot of extra work ahead for you.