May 8, 2024

Circumvent Purdue Microsoft Authenticator

Per the Purdue IT department:

"The Microsoft Authenticator app can be setup on a smartphone or tablet. If you don't have any smart device to connect it to, please visit for information regarding getting a hard token for Microsoft Authentication."

Obviously Purdue wants us to either use some shady Microsoft app or actually pay 20 bucks. So here is a way to not do either.

  1. Go to Microsoft Sign-in management at
  2. Choose Add sign-in method - Authenticator app.
  3. Select I want to use a different authenticator app.
  4. Click Next - Can't scan image? and record down the Secret key (e.g. `qldthfnyvkv6jw7f`).
  5. Find any TOTP generator online (e.g. and paste in the secret key to get the one-time code.

WARNING: Entering your secret key onto any unvetted third party carries a risk if the third party is recording the secret key. I have not personally checked any TOTP website for its security.