Microsoft Authenticator's jailbreak detection will likely hit GrapheneOS too, Microsoft PM suggests

Microsoft product manager Merill Fernando posted on X about the Authenticator app’s latest security move. He pointed out that the app will now wipe work and school accounts from any phone it flags as jailbroken or rooted. And none of this needs IT admins to flip a switch.

When a user asked if GrapheneOS would get caught up in it, Merill stated, “I believe so, will need to confirm.”

This matches what we reported back on March 5. Microsoft had already said the app isn’t officially supported on GrapheneOS and future updates might cause problems.

The change started rolling out on Android devices at the end of February. It follows three steps spaced about a month apart. First comes a simple warning. Then new sign-ins stop working. By around July the app wipes all stored credentials.

On Android, the checks run through Google’s Play Integrity API. GrapheneOS fails those tests because it’s a custom build focused on privacy and strong security. The phone stays locked down with no Google services and extra protections against attacks, yet the system still sees it as non-standard.

Microsoft wants to protect company data by treating modified devices as a higher risk. The policy applies to Entra ID work accounts only and hits both Android and iOS. Full details sit on the official support page right here.

A company spokesperson had previously told Heise that Entra accounts on GrapheneOS could face blocks later on. If you run work logins on this OS, keep an eye out for those early warnings. Some organizations let users switch to other authenticator apps, so check your policies.

Merill Fernando didn’t seem quite confident with the response, since he mentioned “will need to confirm.” So there’s still a chance things could change or take a u-turn for GrapheneOS users. For now, stay alert as the phases roll out.

We stand out from the tech-media crowd because we break news stories; we mainly bring you stuff that you won’t find anywhere in the mainstream tech media. Our stories have been picked up by some of the world’s most popular websites and media outlets—more info is available here.