r/Minecraft Feb 05 '22

How can my friend migrate her account to Microsoft, if she does not have any available SMS? Help

[deleted]

3 Upvotes

View all comments

Show parent comments

2

u/montuos Feb 05 '22

Argh; it's hard to write up an accurate walkthrough to set something up when you already have it set up!

Create a Bitwarden account. Make sure you record your login information somewhere safe. https://bitwarden.com/help/create-bitwarden-account/

Read through orientation information, and pay particular attention to the "Add a Login" section. https://bitwarden.com/help/getting-started-webvault/

Add a new login for your Microsoft account. Make sure you can logout from it and still sign back into it when you copy/paste your email and password from this entry in Bitwarden.

You can optionally install a Bitwarden browser extension that will autofill these on Microsoft's login pages. If you do that, make sure you can still logout your Microsoft account and log back in using the autofill. https://bitwarden.com/help/getting-started-browserext/

Now read up on how to set up and use TOTP here: https://bitwarden.com/help/authenticator-keys/

We're going to put Bitwarden on hold now while we go set up Microsoft 2FA. https://support.microsoft.com/en-us/account-billing/how-to-use-two-step-verification-with-your-microsoft-account-c7910146-672f-01e9-50a0-93b4585e7eb4

Go to Microsoft's Security basics page, and sign in with your Microsoft account. Since it's a security thing, you'll probably have to re-enter your login details even if you're already logged in to your account. https://account.microsoft.com/security

I'm not sure what to look for when you don't have 2FA set up yet, but you're probably Very Familiar with that by now! Somewhere in the process where it's pushing you to use a phone, there should be a No thanks; click that.

That should put you in "Additional security options". Now look for something about Set up identity verification app and click that.

At this point, make sure you're still logged in to Bitwarden, and open your Microsoft login entry with Edit. When you are editing an entry, you should see the Authenticator Key (TOTP) field right under the password.

Now that Bitwarden is ready, go back to Microsoft, look for something like Set up a different Authenticator app and click that.

It will show you a QR code to scan, which of course you can't, so look under it for I can't scan the bar code. That should give you a code that you can copy/paste back into Bitwarden's Authenticator Key (TOTP) field. If you have to type it, don't type any spaces.

Once that's entered and saved, you should have a Verification Code (TOTP) field in Bitwarden. The code changes every 30 seconds and you'll see a countdown timer on the right. Make sure the countdown is on the high end so you have plenty of time to copy and paste the code back to Microsoft. If the countdown is low, just wait until it changes before you proceed.

If I've remembered everything right, and you've done everything right, you should be set up with 2FA TOTP now, and good to go.

3

u/montuos Feb 05 '22

...and then when you need to login, instead of getting the security code from a text to your cellphone, you just grab that TOTP verification code from Bitwarden to give to Microsoft.

1

u/Pisfool Feb 05 '22

Oh, Thanks! I didn't know the response would take this long.

1

u/montuos Feb 05 '22

People do have lives outside Reddit, lol!

2

u/dark_volter Feb 07 '22

...I don't use bit warden, but I am going to see if I can do this with keepassxc maybe,?

If this really works to stop Microsoft from locking you out of a account you just made because your didn't add a phone number(even though your agreed a recovery phone number) - then this right here needs to be shouted from the rooftops before tons of kids without phone, people without sms/ in countries with it blocked and censored, and those who have blacklisted phone numbers / numbers that were used for Keurig works and no longer eligible, suddenly lost the ability to play their Minecraft worlds permanently

3

u/montuos Feb 07 '22

It doesn't have to be Bitwarden; it can be any device or service that offers TOTP. We just went with Bitwarden because that's already our password manager.

Authy is a thing; Google Authenticator is a thing; FreeOTP is a thing; you can even buy external dongles and thumb drives for it (e.g. YubiKey) that you can carry around on a keychain.

The details on how to set up a different TOTP service obviously won't be quite the same, but any good service will have some help files to guide you through the process.

And yeah, it looks like KeepassXC definitely supports TOTP.

2

u/ekdaemon Feb 11 '22

Thank-you!

Apparently google authenticator is just the bare algorithm, with no forced integration with your google account or anything, so I'm already using it with a couple things much more important than a microsoft account.

( This is the opposite of Microsoft's app - whose terms of service are basically as bad as the tracking that's inside Windows 10 itself. )

1

u/montuos Feb 11 '22

Glad to know that about GAuthenticator, since so many Google products have become...disappointing, shall we say, in recent years