Is there a limit to multiple users that can claim a TOTP registration code?

Question

Our organization has a shared Admin account that requires multiple users to access a Dynamics 365 CRM app. We initially used pushed notifications for MFA, but we soon realized that Microsoft only limits us to 5 registered devices. We heard about TOTP (Time-based Time Passcode), which allows us to register multiple users/devices for MFA under the same QR registration code.

Is there a limit to the number of users that can claim a TOTP QR registration code?

In addition, we generated the TOTP registration codes using this method:

Does it have to be an "other" authenticator app? or can it be a Microsoft Authenticator app? I am using the TOTP registration code generated by this option and it seems to be working in Microsoft Authenticator app without any issues.

Answer 1

Thanks for posting your question in the Microsoft Q&A forum.

Theoretically, there isn't a fixed limit to the number of users who can claim a Time-based One-Time Password (TOTP) QR registration code. TOTP is a standard algorithm (specified in RFC 6238) for generating one-time passwords based on a shared secret and the current time.

When a user registers for TOTP authentication, they typically scan a QR code provided by the service, which contains the necessary information for generating TOTP codes (such as the secret key and other parameters).

Ensure that the time on your device where the authenticator app is installed is synchronized accurately. Incorrect time settings can lead to code generation issues.

** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful **