Issue with some Microsoft 2FA

[Bubka]

Some Microsoft 2FA (e.g from admin.microsoft.com, and probably from any MS service that uses corporate accounts) are rejected by 2FAuth after a QR scan or upload. Long story short, this is due to MS specific usage whereas 2FAuth respects the (most commons) Google guidelines (see Google-authenticator/Key Uri Format).

The good news is that you can add those 2FA to 2FAuth manually.

• In 2FAuth, open the advanced form to create a new account
• Sign in to your MS account and go to the security settings
• Click Add a new way to sign in or verify
• Click Use an app
• Click set up a different Authenticator app
• Click I can't scan the bar code. MS gives you then an Account string and a Secret string
• Split the Account string at the : character. Copy/Paste the left part in the Service field of 2FAuth form, the right part in the Account field of 2FAuth.
  If a , is present, remove it. There is no need to keep the account informations exactly as is to generate valid codes
• Back to the 2FAuth form, click the TOTP button
• Set the Secret field to Base32, copy paste the Secret provided by MS then remove all white spaces and upper case it.
  For example, if MS gives you the secret xd5s 8s5d 6eed 8s9d you must fill XD5S8S5D6EED8S9D in 2FAuth.
• You can leave other options as is and test/create the account

[yllekz]

This was my experience with getting my MS account into 2FAuth. It's worth noting that I don't think this is necessarily a bug (like you demonstrated, it DOES work if you input the correct specific parameters), it's just MS's weird and non-standard implementation of MFA.