Mastodawn

Merill Fernando

Mar 10

Microsoft Authenticator is about to wipe work accounts from jailbroken/rooted phones automatically 👏.

No IT config needed. 🔥

3-phase rollout starting Feb 2026:
⚠️ Warn → 🚫 Block → 🗑️ Wipe

Let your help desk and security teams know.

🔗 https://support.microsoft.com/en-us/account-billing/jailbreak-root-detection-in-microsoft-authenticator-9f0431bd-675a-4f2d-b8fb-7acd18deaadc

Show thread

Klaus Frank Mar 10

@merill

Soo instead of just rooting a phone one needs now to also deploy 38473894 shady scripts and workarounds to hide it from Microsoft Authenticator?

Congratulation on improving security (NOT).

Show thread

1.3.6.1.4.1.61513

@agowa338 @merill and someone attacking will still be able to grab the codes before being wiped because you just stop the app before dumping the data

Show thread

Klaus Frank Mar 10

@xssfox @merill

Ehm, the azure codes are a bit different than the TOTP ones. Their app also has a kinda proprietary auth code format too. I think it is mainly about them. As for all others you literally just have to store a picture of the QR-Code you used to set them up...

Edit: But yea, it probably will end in there being a shady cracked version of the Microsoft Authenticator App that continues to work on rooted phones...

Show thread

1.3.6.1.4.1.61513 Mar 10

@agowa338 @merill sure but you can get the private data which is the core point of this protection

Show thread

Klaus Frank Mar 10

@xssfox @merill

Haven't actually looked at how they're doing it. But yea, you can always crack these things.

All that they're doing by adding root detection is forcing people that can't do this themselves to download a modified version off of some shady backyard Russian forum or something...