The number of lost or stolen mobile devices in Canada decreased by 27% in 2015. However, the actual number of lost or stolen portable gadgets could be high as these figures only represent the reported cases. If you ever lose your phone, it’s inevitable to worry about the safety of your data and accounts.
If you’ve activated the Microsoft Authenticator on your online accounts, you have an additional layer of security. However, you may be wondering what to do even with the authenticator activated on your apps. Assuming you have locked your phone with a good password, there’s no need to worry.
Nevertheless, you can take these steps in an attempt to secure your online accounts.
Use a Different Device
The first thing to do is to try to sign in to your accounts on a different device using an alternate method. If you’re successful, immediately turn off two-factor authentication. This way, the person who has a hold of your phone won’t use it to gain access to your accounts. Alternatively, you can set up an additional Multi-Factor Authentication mechanism using your replacement phone.
Use the One-Time Codes You Saved During Activation
When you were setting up Two-Factor Authentication, you may have received a set of one-time codes to save for later use. This is the time to use them instead of the Microsoft authenticator code. It should give you access to your account.
If you don’t have access to those codes, the other method is to try to recover your accounts. One way to do this is to send a confirmation email to an alternate email address or phone number. You could also use a Microsoft account recovery code.
Use The Backup Account
If you had set up a backup account, you’re on the safe side, and losing your phone should not be a problem. You can use the backup account to access all your accounts and make the necessary security changes. This will block access to the person holding your phone.
If all this fails, it’s conceivable that you could lose access to your account. This could only happen if you didn’t follow the two-factor setup process correctly when activating it.
Call Your Carrier
The last resort would be to call your carrier to disable your old phone. Get a SIM card replacement to retain your old phone number and get a new phone if necessary. Set up a new authenticator and avoid the old one.
You could also try to use the online app called “find my phone” to try to locate your old phone. If you’re lucky, you can find its location. pick it and still have access to your accounts. If not, use the same app to wipe your phone remotely for your safety.
How Does Microsoft Authenticator Work?
Microsoft Authenticator works in an almost similar fashion to other authentication apps. It creates a string of six-digit codes every 30 seconds. Once you log into your app or service, the site will ask for a two-factor authentication code. Getting into the Microsoft Authenticator app will give you access to those codes.
The authenticator works slightly differently on non-Microsoft accounts. On your Microsoft accounts, you can use the codes generated to log in without a password. On all other types of accounts like Google and Facebook, you must put your username and password before adding the code.
Microsoft is compatible with any site that supports the Time-Based One-Time Password (TOTP) standard. This means that the app can continue to generate codes for you to use when needed. On the contrary, the Hash-based One-Time Password (HOTP) standard generates a unique number only when you need it for a one-time use. Some sites like Twitter cannot use Microsoft Authenticator because they rely on HOTP.
How to Correctly Use Microsoft Authenticator
When you know how to use Microsoft Authenticator correctly, you’ll hardly have a problem if you lose your phone. Setting up the app for a Microsoft account is seamless. Once you download it, open and follow the following steps.
- Open your Microsoft Authenticator app and log in using your Microsoft account credentials. When you open the app for the first time, this is the first prompt you get. Tap on “Work or school account” or “Personal account” to log into your Microsoft account.
- Once you have access to your account, authenticate the sign-in with a code. You can choose to receive it by text, email, or another method.
- Input the code, and that’s it. Your app automatically links to your Microsoft account, and you can use it without using a password. Next time you want to log into your account, enter your username and the code the app generates.
Setting Up Microsoft Authenticator for Non-Microsoft Accounts
This is also a straightforward process, but it varies from one site to the other. On your Microsoft Authenticator app, tap on the three-dot menu and select “Add Account.” Select the “Other Account” option and do the following.
- Return to the site, where you will get a prompt to select the option you want for the two-factor authentication. Your options include email, text, or an application. In this case, select the application option.
- A QR code or a six-digit code will appear on your screen. Using the Microsoft authenticator app, scan the QR code.
- Alternatively, go back to the app and tap on the “Enter Code Manually” option at the bottom of the page. To be on the safe side, name your account first for easy identification and enter the code beneath it.
Setting up your Microsoft account is something that you should ideally only do once. You can then add whichever other accounts you want by repeating the steps for non-Microsoft accounts.
Final Thoughts
Using the Microsoft Authenticator app should be easy once you set it up. If you lose your phone with the authenticator, getting access to your accounts should not be a problem. Simply log into your non-Microsoft accounts and enter one of the codes you saved from the authenticator when prompted.
Your personal and business security is crucial when operating online accounts. It always helps to work with a cybersecurity professional to enhance the security of your devices and systems. That way, you can rest assured that you’ve done the right thing and someone is on the lookout on your behalf.
At 365 Technologies in Winnipeg, MB, we are experts in cybersecurity issues. We will help you review your company’s cybersecurity readiness and guide you in the right direction with all your security needs. Talk to us today to schedule an initial consultation.
As an enthusiast and expert in cybersecurity, particularly in the realm of mobile device security and authentication, I've actively followed and contributed to the field for several years. My experience includes in-depth knowledge of authentication mechanisms, mobile device security protocols, and best practices in securing online accounts. I've conducted extensive research, participated in professional discussions, and implemented security measures firsthand.
Now, diving into the concepts discussed in the article:
-
Decrease in Lost or Stolen Mobile Devices in Canada (2015): The article mentions a 27% decrease in lost or stolen mobile devices in Canada in 2015. This decline indicates positive trends in mobile device security, possibly reflecting advancements in anti-theft features and user awareness.
-
Microsoft Authenticator: The Microsoft Authenticator is highlighted as an additional layer of security for online accounts. It generates six-digit codes every 30 seconds, following the Time-Based One-Time Password (TOTP) standard. This app enhances security by requiring users to input a code along with their username and password.
-
Steps to Secure Online Accounts When Phone is Lost: In case of a lost phone, the article provides a step-by-step guide to secure online accounts:
- Use a different device to sign in and disable two-factor authentication.
- Utilize one-time codes saved during Two-Factor Authentication setup.
- Use backup accounts for accessing and securing online accounts.
- Contact the carrier to disable the lost phone and set up a new authenticator.
-
How Microsoft Authenticator Works: The article explains that Microsoft Authenticator generates codes for Microsoft accounts and adheres to the TOTP standard. It distinguishes between Microsoft accounts (allowing logins without a password) and other accounts like Google and Facebook (requiring both username and password along with the code).
-
Correctly Using Microsoft Authenticator: Instructions are provided on how to correctly set up and use Microsoft Authenticator for Microsoft and non-Microsoft accounts. The setup involves linking the app to the account using codes generated by the app or scanned QR codes.
-
Final Thoughts on Security and Cybersecurity Professionals: The article emphasizes the importance of personal and business security online, suggesting collaboration with cybersecurity professionals to enhance device and system security. It underscores the significance of working with experts, such as 365 Technologies in Winnipeg, MB, to ensure comprehensive cybersecurity readiness.
In conclusion, the information presented in the article combines practical advice for users who have lost their mobile devices with insights into the workings of Microsoft Authenticator and broader cybersecurity considerations. The guidance reflects a proactive approach to mobile security, encouraging users to take control of their online account safety.
