So my company decided to migrate office suite and email etc to Microsoft365. Whatever. But for 2FA login they decided to disable the option to choose "any authenticator" and force Microsoft Authenticator on the (private) phones of both employees and volunteers. Is there any valid reason why they would do this, like it's demonstrably safer? Or is this a battle I can pick to shield myself a little from MS?
And my point was that a separate corporate device makes it trivial to manage my privacy and availability. Using my personal phone for work is a hard NO.
If I donโt want them tracking me I just turn it off
Are they entitled to it or not? If they're entitled, then why do you have a right to cut it off? I'd argue they have no right to it to track me off hours at all... regardless of the device used. u2f tokens like yubikey would be just as sufficient for 2fa with none of the tracking.
Or I brought up a point that you didn't consider, and rather than addressing it you need to resort to low level ad hominem. You contradicted yourself. Either explain the contradiction or move on. There's no point in this comment unless you're attempting to discredit me without reason which just makes you look bad.