Microsoft has rolled out a new feature to its multi-factor authentication (MFA) app, Microsoft Authenticator, to prevent spam attacks.
According to ZDNet, the company has rolled out ‘number matching’ in push notifications which will help prevent MFA attacks that rely on push notification spam.
When ‘number matching’ is enabled, the Authenticator app asks the user to enter the number shown on the sign-on screen rather than just selecting “approve” when approving an MFA request. This will be a useful feature for admins whose users were unprepared for the MFA attack.
The feature is available for the administrators for now, but the company wants to make ‘number matching’ the default for all Authenticator users in February 2023.
To avoid unintentional approvals, administrators can also set up Authenticator to use application context and location context.
After the new feature becomes the Authenticator app’s default, the admin rollout controls will be removed.
Earlier this year, researchers discovered so-called “MFA fatigue attacks” targeting Office 365 users. In those attacks, attackers continually cause MFA push alerts while attempting to log into a victim’s account using a password that has previously been compromised.
The attacker was counting on the victim becoming tired or inattentive enough to approve the login attempt mistakenly at some time, the report said.