[edent]

Android used to have an "office hours" setting which would prevent specific email accounts from notifying you outside of your specified times.

I had my work GMail set to notify only between 0800 (so I could check for a "don't come in" message) and 1700 Mon-Fri. Of course, it didn't account for holidays / sick leave etc, but it was good at prevent me from panic checking every ping.

I wish that was a feature on modern Gmail. Or, indeed, WhatsApp and Signal. You can manually mute, but there's no way to silence specific notifications at specific times.

Regardless, employees shouldn't be expecting employees to be on-call without compensation. But users also need ways to manage this themselves.

[Qem]

> Or, indeed, WhatsApp and Signal.

You can use Shelter from FDroid to create a separate work profile in the phone, with separate accounts, and then pause it after office hours.

[vlunkr]

I use 2 different email apps for exactly this reason. I can check my work email if I need to, but I don’t want notifications.

[gumby271]

Check out Buzzkill, its a great app for managing notification rules. You can set it to hide and batch up notifications during your off hours and show them later.

[throe9393i44i]

Second phone?

[pwg]

Indeed. If $job is not willing to buy and hand me a "work phone" then they are out of luck, nothing for $job gets put onto my private phone. If they think they need this ability, then they also need to add a line item to their budgets for the cost of the phone and the service. And when faced with this alternative, they have not, so far, decided they want to pay for a phone.

[yfontana]

Having to lug 2 phones around has always seemed like more trouble than it's worth to me. I also don't like having multiple devices to do stuff that a single one could do, for environmental reasons, but that's not a very wide-spread opinion.

So I do have work stuff on my personal phone, but with no notifications whatsoever. Only works because I'm in a position where it's acceptable to require all communications to go through emails or messaging apps though.

[lokar]

I’m torn. I’d prefer the 2nd phone, but at some point it’s not worth arguing about. If they are paying enough I just mentally subtract the cost from my comp.

[SoftTalker]

Where do you draw the line? If the employer wants you to install a 2FA app on your phone, do you demand a separate phone or alternate 2FA device for that and mark yourself as a troublemaker? Or do you just do what 99.8% of the staff does and install the app?

[8note]

if the company wants to identify me by my phone, they have to take control over the phone. eg. a rooted android can screw with their app

that means they need to provide it

[childofhedgehog]

My IT department and I fully support staff requesting YubiKeys, there’s no concept of being a “troublemaker” for having boundaries and respecting security requirements. I’d talk to your IT management if your company culture seems different, I bet the actual techs do not have an issue with this.

[pwg]

> Where do you draw the line?

If they want me to have some "special device", they pay for the hardware for me to have said "special device".

My private phone is not for their use, ever.

[SoftTalker]

Take for example a university. Many of them seem to use Duo[1], which is not something you can replace with Google Authenticator or other TOTP app. They require it for students as well as faculty and staff. Is it reasonable for them to have to provide a device to all those people, forcing them to carry two devices around, and then also deal with replacing lost or broken devices? The cost of this would simply be added to the technology fee that students have to pay, when they all already have smartphones and could use the app for no additional cost.

[1] https://duo.com/

[lesuorac]

Seems pretty in line with a recent frontpost of "Pre-Modern Armies for Worldbuilders, Part III: Paying for It " [1].

There's a cost for everything and while you can "devolve" the cost downwards of a phone to an employee it's probably correct (in capitalism perspective) for an employer to pay for any tool they require so that the input costs are correctly correlated to the output price.

[1]: https://news.ycombinator.com/item?id=48689859

[nosioptar]

I'm happy to be the "troublemaker". In my experience, one troublemaker can often recruit others to their cause.

[gruez]

>In my experience, one troublemaker can often recruit others to their cause.

Maybe if your company is filled with the type of people who run archlinux on their IBM era thinkpads, but otherwise I would be very surprised if could find even one or two sympathetic people who are also against installing a 2fa app. Even if you can get your manager to cave, it'll be less because they want to be "troublemakers" themselves, and more because they don't to deal with the hassle of arguing with you.

[nosioptar]

Dude, your characterization of me being an arch user with an ancient latop is clearly in bad faith.

Maybe you're incapable of communicating with your coworkers about how your employer exploits you. I graduated third grade, so I'm not.

[tassadarforaiur]

One of the biggest banks in the US forces staff and contractors alike to install a proprietary 2fa app on their personal devices. if you can get a company phone, you can't finish activating the MDM, to install the company 2fa app, without first using that 2fa app on your personal device. Even a company yubikey can't be activated without the 2fa appp, which again, you can't get on a company device without first installing it on your personal device.

[nkrisc]

What about people who don’t have smartphones? Not everyone has one.

[tough]

I would install the app on the shittiest iPhone backup i have (I must have like 10 iPhones by now, i dont sell old ones)

You can also perfectly use 2fa without a phone, unless your shitty company is using some shitty propietary 2fa, and even then, its just a "key" or "qr" they give you, that then you totally control and can use in mostly any 2fa compatible app, like Passwords. app from apple, 1Password, or Authy (RIP)

Installing shitty apps just cause your company tells you to is a great way to get your personal phone hacked too

Sames goes with all the MITM bullshit, If you want to install malware on my 6k macbook, you've gonna have to buy me your own "work macbook" for me to handle that shit. And i wont touch it for anything else than work. But installing spyware from work in my personal computer is a big NO NO.

[gruez]

>You can also perfectly use 2fa without a phone, unless your shitty company is using some shitty propietary 2fa, and even then, its just a "key" or "qr" they give you, that then you totally control and can use in mostly any 2fa compatible app, like Passwords. app from apple, 1Password, or Authy (RIP)

Only if they're using RFC 6238 TOTP, and not some weird 2fa app. It's ironic you mention authy because they have their own weird TOTP scheme, along with push notification based approval system.

[tough]

Authy is also EOL since it was acquired by twilio and tossed into the do not recycle bin it seems...

But yeah, things can get messy depending on the specifics, but not installing random apps on your personal phone seems like a pretty reasonable line to make.

I only mentioned Authy cause it was my go-to for 2fa before they got acquired

[brendoelfrendo]

They can buy a USB Fido token. I've had this argument with employers in the past; some states have laws that require the employer compensate employees for requiring the use of their personal mobile device, even for something as simple as MFA. There's no such thing as a free lunch: if you want to require an employee do something, you must be willing to pay for that capability. Ethically, I think all employers should be held to this standard. Legally, anyone who employs people in California, Montana, and I think Massachusetts must be aware of that standard.

[idiotsecant]

Yes. That is where you draw the line. Work use of your personal device. Why is this so hard to imagine? If you're working somewhere where not donating resources to your employer means you are a troublemaker, it's time to find new work.

[tbrownaw]

> Indeed. If $job is not willing to buy and hand me a "work phone" then they are out of luck

My employer has a BYOD program with a monthly stipend that is somewhat more than my phone provider (Fi) charges for an extra line. I think doing this with a non-flagship phone would probably pay for itself in a year or two.