No it was by trial and meant as punishment. Quite common even, but I first heard of it in relation to Cromwell c.s.

The fact that they dug up Oliver Cromwell’s body for a posthumous execution. It’s just insane on so many levels

I’m not concerned per se and I definitely applaud the MFA requirement. I mean I hate MS and don’t like apps I don’t need, and I don’t trust them, but as others pointed out this would mostly just be whiny. That’s why I asked for reasons why restricting users to MS Authenticator would be preferable. If it’s more secure or technically way easier and thus cheaper to maintain then fine, I’ll find an acceptable way to comply. If not, then it’s them who are whiny and I’d rather make the case to let us use whatever authenticator we already have installed.

This could indeed be a valid reasoning. I’m going to investigate a bit. If you can easily cough up some MS documentation page on this topic please do

Thanks people, some good replies here. I could demand a work phone, but that’s impractical, dragging around two phones etc. I’d like all my 2FA in Aegis and not have to think and pick the right app first, let alone pick and unlock the right phone. The Shelter option is very nice, didn’t know about that. If my company won’t budge I’m doing that. When push comes to shove I could even use outlook that way on my phone.

There's also the naughty programmer getting spanked by EFL