Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Authenticator Enables Number Matching By Default to Block MFA Fatigue Attacks

Last year, Microsoft released support for number matching in push notifications for its Microsoft Authenticator app. Starting today, the number matching feature will become the default experience for all Authenticator users worldwide.

Microsoft’s Authenticator app’s number matching feature requires users to type the number displayed on the sign-in screen to approve access requests. It helps to counter Multi-Factor Authentication (MFA) fatigue attacks that rely on push notification spam. MFA fatigue attacks occur when a threat actor spams the victim with MFA push notifications. It’s a social engineering tactic that is used to gain unauthorized access to a corporate network.

With this release, Microsoft will enable the number matching feature for all supported cloud services. Users will also see additional context (such as the app’s name and the login location) to prevent accidental approvals.

“Number matching is a key security upgrade to traditional second factor notifications in Microsoft Authenticator. We will remove the admin controls and enforce the number match experience tenant-wide for all users of Microsoft Authenticator push notifications starting May 8, 2023,” Microsoft explained.

Microsoft Authenticator Enables Number Matching By Default to Block MFA Fatigue Attacks

Microsoft suggests users to upgrade to the latest version of Microsoft Authenticator on their mobile devices. However, the authentication process will fail for users running older versions of the app that lack support for number matching.

Microsoft Authenticator number matching won’t be available for Apple Watch users

According to Microsoft, the number matching security protection will also be required for Self Service Password Reset (SSPR) and combined registration flows. The AD FS adapter will also require the feature on Windows Server versions 2022, 2019, and 2016. However, number matching won’t be available on Apple Watch devices.

“As services deploy, some may see number match while others don’t. To ensure consistent behavior for all users, we highly recommend you enable number match for Microsoft Authenticator push notifications in advance,” Microsoft added.

As MFA fatigue attacks continue to rise, it has become crucial for organizations to implement robust security measures to protect end users. The number matching feature provides an additional layer of security to prevent potential threats and breaches.