- Microsoft Authenticator has introduced a new security feature to enhance user security and combat MFA (Multi-Factor Authentication) fatigue attacks.
- The new security configuration suppresses notifications for risky login attempts, prompting users to manually approve sign-ins within the app.
- This approach has successfully blocked over 6 million unnecessary notifications in the past two months.
Microsoft has recently introduced a new feature in its Authenticator app, designed to enhance user security and combat MFA fatigue attacks. The new security configuration was rolled out in September, allowing users to suppress pop-up notifications for potentially suspicious login requests.
Previously, users who attempted to log into an account or a service would receive a pop-up notification to approve the sign-in request. Now, Microsoft Authenticator will automatically suppress the pop-up notification if it detects anomalous signals during the login attempt. Users will receive a prompt to open the app and input a verification code. Microsoft Authenticator will also display the user’s location and the name of the app that initiated the request.
“Following the deployment of this feature, we now suppress Authenticator notifications when a request displays potential risks, such as when it originates from an unfamiliar location or is exhibiting other anomalies. This approach significantly reduces user inconvenience by eliminating irrelevant authentication prompts,” explained Alex Weinert, VP Director of Identity Security at Microsoft.
Microsoft highlights that adopting this approach has helped to reduce the frequency of unusual notifications sent to customers. It should boost security and effectively mitigate the risk of MFA fatigue attacks. A multi-factor authentication (MFA) fatigue attack is a type of cyberattack where a hacker attempts to overwhelm users with a high volume of authentication requests. The constant stream of authentication requests could frustrate users and inadvertently put their account security at risk.
In the past two months, the security feature has successfully blocked over 6 million unnecessary passwordless and MFA notifications. Microsoft claims that most of these blocked alerts originated from notifications initiated by threat actors.