Hacker News new | ask | show | jobs
by KronisLV 1156 days ago
> To use TOTP we need to reconfigure more than one system because they work differently or 2FA was not thought of when they were designed.

This thought is repeated in the correspondence, does anyone have any idea what they actually mean by that? After all, if they're using Azure Active Directory, then surely the type of 2FA shouldn't matter that much to most of the software that's integrated with it, right?

Why wouldn't the suggestions presented in the e-mails work?

  Go to Security > Multifactor Authentication > Additional cloud-based multifactor authentication settings.
  Tick the checkboxes like in the attached image.
Presumably along the lines of: https://learn.microsoft.com/en-us/azure/active-directory-b2c...

Other than that, it feels like repeated back and forth, with either a lack of mutual understanding of what's actually being used sometimes, or the repeated statement above, which is unfortunate to see.

Props to the person for standing their ground due to what they believe in, but I feel that many would (unfortunately?) just get a cheap Android device for something like this, if their daily driver was something else.
2 comments
counttheforks 1156 days ago
The school should be providing phones if the students require them. I strongly believe 2fa is important, but it is even more important to acknowledge that not everyone owns the gadgets that you do. And they may not want to. So if a service requires 2fa they should also supply the necessary hardware to all of their users.
link
KronisLV 1156 days ago
> The school should be providing phones if the students require them.

I agree in principle, but doubt that our reality matches up with that. It's easier for them to blame the minority of people, especially if nobody will stand up for them.

In their own words:

>> If your phone doesn’t support Microsoft Authenticator, you need to use “Call to phone”, if you don’t want that method to use, you need to change your phone, which support Microsoft.

They can just say: "Most people use phones with a mainstream OS, don't be a weirdo and just use a phone like that, like the rest of the people." Same unfortunate situation across the board, with plenty of software being Windows/Mac-only, drivers not being open source and for the most part almost nobody caring.

What's worse, in this case it seems like TOTP should be able to be supported, with relatively few issues, unless there is indeed something major I'm missing.

link
clnq 1156 days ago
Isn't it just weird that a university is using this language at all? A lot of their messages seem so unempathetic and unprofessional. The spirit of academia has always been about being open to ideas and embracing open standards from my experience, too. Something feels off.

"You need to change your phone, which support Microsoft" just sounds very shady for a state-funded university. Or perhaps I am too sceptical. But a "proprietary tech only" university seems a bit of an oxymoron and close-minded for me. I would expect even staff to protest that.

link
KronisLV 1155 days ago
> Isn't it just weird that a university is using this language at all? A lot of their messages seem so unempathetic and unprofessional. The spirit of academia has always been about being open to ideas and embracing open standards from my experience, too. Something feels off.

It might just be a cultural thing, or the perception on the behalf of the staff, that this person is creating problems for them, where none should exist. I'm from Latvia, which is right next to Lithuania - most of the correspondence I've received in a Latvian university has also been a bit on the terse side of things. It also mirrors the attitude that some of the staff can have, some take pride in failing students, not really helping out with the subjects much, some are genuinely overworked. Of course, there were also plenty of genuinely good staff members.

For example, I remember reaching out to a professor to explain that I'm attending a software development conference and whether I could re-schedule the date on which I'd take an exam (maybe to take it together with those who would later re-take it after not passing). The answer was simply: "No." with a typo in that single word response, somehow. Also, I recall the local IT department sending me a fairly accusatory message about me doing port scanning, when I was testing out OpenVAS against my own VPS (a single node). Nothing wrong with asking questions, but maybe there's no reason to start with an accusatory tone and demanding an explanation. Oh well.

As another example, I recently had a postal package come in that I couldn't redirect to a package machine for pickup, for some reason. So, I wanted to have it delivered to my house (a service that's offered) by the postal worker. I reached out to the customer service by e-mail and just got a copy paste from the FAQ, with my question about the delivery going completely unaddressed. When I called them on the phone, the person there was nice and helped me figure everything out in a few minutes and arranged for the delivery.

People can be nice in person (or when talking over the phone) or when they know you, but for whatever reason many of the people are less nice online. There are fewer pleasantries in general, people typically get to the point more quickly, or might seem cold to someone from US or similar countries. That said, you don't really open the comments sections of news sites over here, unless you want to see something mocking or with profanity.

I'm really not sure why that is. It should probably be better somehow.

link
stnby 1156 days ago
The universities in Lithuania are incompetent when it comes to IT. I graduated from Vilnius University and they also were Microsoft shills that don't know anything better.
link