How to use programmable OATH tokens to replace authenticator apps

This guide explains how to use the programmable OATH TOTP tokens from Microcosm as a drop-in replacement for the Microsoft Authenticator app in Office 365 and Azure AD MFA (without P1/P2 licence).

Steps

  1. Install the Microcosm OTP Burner app from Google Play on an NFC-enabled Android smartphone.

    Get it on Google Play

  2. In Office 365 or Azure AD MFA navigate to the MFA setup page and add the the Authenticator app as an authentication method.

  3. When prompted to get the Microsoft Authenticator app click I want to use a different authenticator app.

    Microsoft MFA add authenticator add authentication method
  4. Then click Next - you should see a screen displaying a QR code.

  5. Open the Microcosm Burner app on your smartphone and choose the Scan a QR Code option.

    Microcosm OTP Burner app home screen
  6. Scan the QR code using the app.

    The app will then wait for you to present a programmable OTP token.

  7. Press the button on your OTP token to turn it on. Now place the token in the NFC detection area of your smartphone. The NFC detection area is usually on the back of the device.

  8. The app will detect the token and program the seed into it.

    Microcosm OTP Burner app successful seed programming
  9. On Office 365 or Azure AD MFA click Next to perform the OTP verification. The OTP verification step will require you to enter the code shown on your OTP hardware token. Type in the 6-digit code and click Next to complete the process.