Microsoft's Authenticator now uses number matching to combat MFA fatigue attacks.
TL;DR Summary
Microsoft is introducing a number-matching feature in its Authenticator app to combat MFA fatigue, a social engineering tactic that overwhelms users with push notifications asking for login approval. The feature adds a one-time code element to the push notification approach, requiring users to enter another number to complete the login process. The number matching feature will be automatically enabled for all push notifications in Authenticator, and users will not be able to opt out of the feature. The change will be deployed starting this week.
Topics:technology#cybersecurity#mfa-fatigue#microsoft#multi-factor-authentication#number-matching#push-notifications
- Microsoft disarms push notification bombers with number matching in Authenticator The Register
- Microsoft enforces number matching to fight MFA fatigue attacks BleepingComputer
- Microsoft thinks it has a new way to make 2FA security better, and less annoying for you TechRadar
- Microsoft Authenticator Enables Number Matching By Default to Block MFA Fatigue Attacks Petri.com
- Microsoft ships Authenticator’s number matching feature to all users OnMSFT.com
Reading Insights
Total Reads
0
Unique Readers
0
Time Saved
4 min
vs 4 min read
Condensed
89%
787 → 85 words
Want the full story? Read the original article
Read on The Register