Support NeoGAF

[Lunatic_Gamer]

Soon, you won't be able to use SMS for login verification or account recovery. Microsoft says the change is for security reasons, as text-message codes are vulnerable to phishing, SIM swaps, and other attacks.

Switch to more secure sign-in methods now, such as:
>Passkeys
>The Microsoft Authenticator app
>A verified backup email address

Microsoft views SMS as a leading source of account compromise and is shifting toward more secure, passwordless options.

 

[winjer]

For once, MS is correct. This is a good measure.
Also consider its not necessary to use the MS Authenticator app. I'm using Proton. But its possible to use any other.

 

[Magic Carpet]

If only my bank would do the same.

 

[thomasfrank]

I'm currently using Proton Authenticator and find it quite stable.

Among Us Online​

 

[cormack12]

I love the authenticator app. I've never been caught in that stupid loop ever.

 

[ShirAhava]

FUCK. I just got out of a crazy ass two year loop and added my phone my chance this is bullshit

Authenticator kicked my email account cause some asshole (or crazy EX) kept trying to login 1000x times so I was in limbo for like 24 months

eh I'll figure something out at least they didn't pull a steam/psn they both deleted my old accounts for no fucking reason

 

[Lupin3]

I just removed Microsoft from my life. More secure than any passkey.

 

[Zathalus]

They are right. SMS is absolutely crap for security.

 

[xrnzaaas]

This may be something different but it bothers me that when you login to xbox.com typing your password (manually or from the browser's password storage) isn't the default method. I could understand that when trying to recover the account, but why make it harder for a simple login, especially when it's the same PC and browser and nothing's changed on my end.

 

[DenchDeckard]

Ive used Microsoft authenticator for years. seems to work well.

 

[Witchilich]

>The Microsoft Authenticator app

This is so bullshit. Why can't you use any authenticator app we want like 2FAS? Sony allows use of 3rd party authenticator apps. Microsoft Authenticator is worse than Google Authenticator, once you connect any account with Microsoft you can't transfer it to anywhere else, its forever locked in.

 

[dreamstation]

I had to relink my Microsoft account to my PSN account again yesterday so I could play Sea of Thieves. Not sure why it keeps unlinking but that's probably the 4th time I've had to do it since the game launched on PS5. The only way I could verify my account was with SMS code as email wouldn't come through. I would have been stuffed without it.

 

[winjer]

This is so bullshit. Why can't you use any authenticator app we want like 2FAS? Sony allows use of 3rd party authenticator apps. Microsoft Authenticator is worse than Google Authenticator, once you connect any account with Microsoft you can't transfer it to anywhere else, its forever locked in.

You can.
For example, I'm using the proton Authenticator App, for my Microsoft account, and Google, Amazon, etc.

 

[GymWolf]

Their stupid fucking system doesnt recognize my password 8 times out of 10 so the sms is the second fastest way to login, how am i supposed to log in now?

Fix your stupid password recognition pattern you fucks.

 

[Reizo Ryuu]

, how am i supposed to log in now?

Add an email to the account to send codes to

 

[GymWolf]

Add an email to the account to send codes to

I have that one but gmail has always problems and half the times the code doesnt arrive, or arrive after hours.

I should not be forced to do all of this shit because their system doesnt recognize my password, they need to fix this shit, not giving me a bend aid ..

 

[dreamstation]

Add an email to the account to send codes to

I have an alternate email attached and the verification email never came through when I had to login yesterday.

Edit - As above my alternate email is Gmail as well.

 

[Reizo Ryuu]

I have that one but gmail has always problems and half the times the code doesnt arrive, or arrive after hours.

strange.
The way I have it set up is, because my main ms account cannot receive emails, I have another ms account basically for spam, this is what I use to send the codes to, but I have a message rule set up so it will forward anything from ms security to my gmail, so it always arrives instantly.
I recently had to get into that email via different means and they wanted a second email for it as well, so I added my gmail temporarily and the code arrived instantly as well

 

[Wolzard]

This is so bullshit. Why can't you use any authenticator app we want like 2FAS? Sony allows use of 3rd party authenticator apps. Microsoft Authenticator is worse than Google Authenticator, once you connect any account with Microsoft you can't transfer it to anywhere else, its forever locked in.

That's not true, the protocol is universal, you can use whichever you want. I myself have two 2FA apps (Microsoft Authenticator and Aegis Authenticator) for the same account in some cases.

 

[Witchilich]

That's not true, the protocol is universal, you can use whichever you want. I myself have two 2FA apps (Microsoft Authenticator and Aegis Authenticator) for the same account in some cases.

Yeah but Microsoft really does not provide the QR codes or any other way to transfer to other apps. You can transfer from Aegis to Microsoft Authenticator, hence you have both, but you can't do the reverse. Even Google allows you to transfer to other apps.