My company stopped allowing OTP and required Microsoft Authenticator on personal phones. I was one of the few to refuse, eventually they gave me a Fido key. While I also use a less Google version of Android, I didn't talk about that when it was happened, just the principal that this is my phone, not the companies.

[–] hanke@feddit.nu 1 points 20 hours ago

One of my previous jobs required we updated our personal phones and ticked a box in a document every month so that the company chat app was "on a secure environment/device".

I normally keep my phone up to date, but my employer shouldn't be telling me what to do with my private phone. I removed the company chat app since I didn't want to comply with them controlling my personal devices.

After that they couldn't reach me after hours. Great. After about 6 months they allowed me to use the chat app on my private phone again without insight or control over it. It may sound petty, but I think it's an important distinction.

[–] 6nk06@sh.itjust.works 6 points 2 days ago

I have been doing that too for years: I tolerate Gmail for my work account because I like having updates on my phone, and the 2FA go in my own Bitwarden account. I refuse anything else.