This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 47%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHJ%3C/text%3E%3C/svg%3E)
Hi,
My customer is implementing ManageEngine PAM360 for Privileged Access Management.
PAM360 can use Microsoft Authenticator for MFA, but only using One-time password codes, so no Azure MFA involved.
In odd cases, like offshore or in heavy concrete structures with no net, the phone running the Authenticator app won't be online, but only be used for getting the codes from. It seems to be working fine offline in short tests.
Not considering various app/OS updates for the phone, would this represent at problem at all?
Are there any restrictions to use the app this way? Completely offline for one-time password codes, for potentially months.
App / Phone OS updates will be performed on an ad-hoc basis, when someone from tech-support is around.
Using the Microsoft Authenticator app in the way you describe should be no problem at all. The only requirement is that the phone keeps an accurate time, since the tokens generated by the app are time based.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 85%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDY%3C/text%3E%3C/svg%3E)
How does the time change based on geographical location affect this?