"Since these phones running custom OS don’t fully adhere to security
practices, Microsoft will issue an update to block and phase out such
devices in a planned manner."
This statement by the article's author seems built out of poorly researched assumptions - like that stock OS all full adhere to security practices.
You hardly ever have to use that system - despite the way they present it during enrollment (like zoom tries to get you to install their electron app every time you video conference).
I have already cracked down on MS Authenticator --- I wrote my own --- and it's not very difficult to do.
For basic 6-digit codes sure. But MS authenticator uses push notice based approvals for many corporate SSO accounts including mine.
You hardly ever have to use that system - despite the way they present it during enrollment (like zoom tries to get you to install their electron app every time you video conference).