If they want me to have some "special device", they pay for the hardware for me to have said "special device".
My private phone is not for their use, ever.
[1] https://duo.com/
No, but it's also not reasonable for them to only offer something that can't be used with other software. Use a different 2FA scheme
There's a cost for everything and while you can "devolve" the cost downwards of a phone to an employee it's probably correct (in capitalism perspective) for an employer to pay for any tool they require so that the input costs are correctly correlated to the output price.
Maybe if your company is filled with the type of people who run archlinux on their IBM era thinkpads, but otherwise I would be very surprised if could find even one or two sympathetic people who are also against installing a 2fa app. Even if you can get your manager to cave, it'll be less because they want to be "troublemakers" themselves, and more because they don't to deal with the hassle of arguing with you.
Maybe you're incapable of communicating with your coworkers about how your employer exploits you. I graduated third grade, so I'm not.
Someone with 3rd grade reading comprehension should be able to realize the comment about IBM era thinkpads were directed at your coworkers, not you. Then again, there was a recent OCED report about how around 7% of tertiary students have the literacy skills of a 10 year old, so that might explain why there are people who proudly proclaim they passed third grade, but nonetheless have worse comprehension.
>Maybe you're incapable of communicating with your coworkers about how your employer exploits you. I graduated third grade, so I'm not.
See my subsequent remark about "...they don't want to deal with the hassle of arguing with you.".
You can also perfectly use 2fa without a phone, unless your shitty company is using some shitty propietary 2fa, and even then, its just a "key" or "qr" they give you, that then you totally control and can use in mostly any 2fa compatible app, like Passwords. app from apple, 1Password, or Authy (RIP)
Installing shitty apps just cause your company tells you to is a great way to get your personal phone hacked too
Sames goes with all the MITM bullshit, If you want to install malware on my 6k macbook, you've gonna have to buy me your own "work macbook" for me to handle that shit. And i wont touch it for anything else than work. But installing spyware from work in my personal computer is a big NO NO.
Only if they're using RFC 6238 TOTP, and not some weird 2fa app. It's ironic you mention authy because they have their own weird TOTP scheme, along with push notification based approval system.
But yeah, things can get messy depending on the specifics, but not installing random apps on your personal phone seems like a pretty reasonable line to make.
I only mentioned Authy cause it was my go-to for 2fa before they got acquired
that means they need to provide it
If its the terrible MS authenticator or DUO, then get me a device.
So I do have work stuff on my personal phone, but with no notifications whatsoever. Only works because I'm in a position where it's acceptable to require all communications to go through emails or messaging apps though.
Im with GP, absolutely no work stuff on my personal phone
My employer has a BYOD program with a monthly stipend that is somewhat more than my phone provider (Fi) charges for an extra line. I think doing this with a non-flagship phone would probably pay for itself in a year or two.
For example, if Apple can verify the device was purchased by a corporate entity and then enrolled in an mobile device management system, it will allow a lot of things that it won't allow on a personal device - things that can be used for monitoring.