Starting February 2026, Microsoft Authenticator will block Entra credentials on jailbroken/rooted iOS and Android devices through a phased rollout: warning, blocking, then wiping credentials. This security feature requires no admin setup. Users on compliant devices remain unaffected. Organizations should notify users and update documentation accordingly.
I really think we need a :microsoft-cool: emoji
I know it weakens its purpose but personally cba to grab my phone / open another app every time I want to log into something. It automatically copies the 2fa code to the clipboard too after having it fill in the password which is very convenient.
In my mind it’s ok because much of the utility of TOTP is to mitigate for people reusing the same password on multiple sites.
But there are other threats like someone accessing your device that might be mitigated with TOTP but aren’t when the TOTP is in the password manager.