Supposed I have a phone number with an area code specific to my hometown for my personal iphone. I live in the US and would like to live in another state that isn’t my home state. Would Azure MFA Authenticator app on my iphone leak my location from the new state? Per the wiki, it is not suggested that personal devices be on the same VPN network as the work laptop, so I’m thinking that the communication between the work laptop and the Authenticator app would leak location? What if I opt for SMS text verification codes instead, will that leak location?
You must log in or register to comment.
Somebody recently commented that Authy does not provide location data, but I have not verified that. Not sure if you need to use a proprietory authenticator, but my employer does not care.
That’s really the thrust of it. It is actually quite trivial for a company to figure out if they care, and overwhelmingly the ones who do care, really only care if they wanted to fire you anyway.
The authenticator app can ask for location directly via gps, but if your company doesn’t enforce that requirement, you can deny the app that permission.
However if your org is using Azure AD or ADFS, your location will instead be inferred based on public IP and then challenged against conditional access policies.
Outside of those two scenarios, you’re probably good.
Why are you concerned about your employer knowing your location?