Transcript
A wafrn woot (post) by @[email protected] saying “Microsoft Authenticator needs me to validate with Authenticator in order to log in with Authenticator to use it to authenticate another app with Authenticator. Here is the app telling me to open itself to validate itself with itself. #infosec #iHateComputers” It has a screenshot showing the microsoft authenticator app.
Well, if the MFA device is not available, reset is the only way. If user would be able to bypass the lost device, the whole thing would be vulnerable.
Whole MFA is of course really f stupid, but it is best we got against phishing.