Microsoft Authenticator Now Blocks Suspicious MFA Notifications


Key Takeaways:

  • Microsoft Authenticator has introduced a new security feature to enhance user security and combat MFA (Multi-Factor Authentication) fatigue attacks.
  • The new security configuration suppresses notifications for risky login attempts, prompting users to manually approve sign-ins within the app.
  • This approach has successfully blocked over 6 million unnecessary notifications in the past two months.

Microsoft has recently introduced a new feature in its Authenticator app, designed to enhance user security and combat MFA fatigue attacks. The new security configuration was rolled out in September, allowing users to suppress pop-up notifications for potentially suspicious login requests.

Previously, a user who attempted to log into an account or service would receive a pop-up notification asking them to approve the sign-in request. Now, Microsoft Authenticator automatically suppresses that pop-up notification if it detects anomalous signals during the login attempt. Instead, the user is prompted to open the app and enter a verification code. Microsoft Authenticator also displays the user’s location and the name of the app that initiated the request, so the user can judge whether the request is one they actually started.

“Following the deployment of this feature, we now suppress Authenticator notifications when a request displays potential risks, such as when it originates from an unfamiliar location or is exhibiting other anomalies. This approach significantly reduces user inconvenience by eliminating irrelevant authentication prompts,” explained Alex Weinert, VP Director of Identity Security at Microsoft.


Microsoft Authenticator blocks over 6 million unnecessary MFA notifications

Microsoft highlights that adopting this approach has helped to reduce the frequency of unusual notifications sent to customers. It should boost security and effectively mitigate the risk of MFA fatigue attacks. A multi-factor authentication (MFA) fatigue attack is a type of cyberattack in which an attacker tries to overwhelm a user with a high volume of authentication requests. The constant stream of prompts can frustrate users until one of them is approved simply to make the notifications stop, which puts the account at risk.
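The two ideas the article describes, suppressing a push when a request carries a risk signal such as an unfamiliar location, and treating a burst of requests as a fatigue attempt, can be sketched as a small policy run over sign-in events. The following is an added illustration written for this page, not Microsoft's code and not a description of how Authenticator's risk scoring actually works; the log format, the per-user location baselines, the burst threshold and window, and every log line are constructed for the demonstration.

```python
"""Added example (not Microsoft's code): a toy sign-in policy that suppresses the
push notification, and requires the user to open the app and enter a code instead,
when a request carries a risk signal. Two hypothetical signals are modelled: an
unfamiliar country for that user, and a burst of requests within a short window
(the pattern of an MFA fatigue attack). All data and thresholds are constructed."""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class SignInRequest:
    ts: datetime
    user: str
    app: str
    country: str


# Constructed baseline: countries each user has previously signed in from.
KNOWN_LOCATIONS = {"alice": {"US"}, "bob": {"DE"}}

# Constructed log lines in a hypothetical "timestamp key=value ..." format, in time order.
SAMPLE_LOG = """\
2024-01-15T09:00:00 user=alice app=Outlook country=US
2024-01-15T09:05:00 user=alice app=Teams country=RU
2024-01-15T09:10:00 user=bob app=Outlook country=DE
2024-01-15T09:10:20 user=bob app=Outlook country=DE
2024-01-15T09:10:40 user=bob app=Outlook country=DE
2024-01-15T09:11:00 user=bob app=Outlook country=DE
2024-01-15T09:11:20 user=bob app=Outlook country=DE
2024-01-15T09:11:40 user=bob app=Outlook country=DE
"""


def parse_line(line):
    """Parse one constructed log line into a SignInRequest."""
    ts_text, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return SignInRequest(datetime.fromisoformat(ts_text), kv["user"], kv["app"], kv["country"])


class PushPolicy:
    """Decide per request whether to send a push or suppress it and require
    in-app code entry. burst_limit and window are hypothetical values."""

    def __init__(self, known_locations, burst_limit=5, window=timedelta(minutes=10)):
        self.known = known_locations
        self.burst_limit = burst_limit
        self.window = window
        self.recent = defaultdict(deque)  # user -> request timestamps inside the window

    def evaluate(self, req):
        """Return ("push" | "suppress", [reasons]). Requests must arrive in time order."""
        q = self.recent[req.user]
        q.append(req.ts)
        while req.ts - q[0] > self.window:   # drop timestamps that fell out of the window
            q.popleft()
        reasons = []
        if req.country not in self.known.get(req.user, set()):
            reasons.append(f"unfamiliar location {req.country}")
        if len(q) > self.burst_limit:
            reasons.append(f"{len(q)} requests within {self.window}")
        return ("suppress" if reasons else "push"), reasons


def run(log_text, policy=None):
    """Evaluate every line of the log; returns (user, app, country, action, reasons) tuples."""
    policy = policy or PushPolicy(KNOWN_LOCATIONS)
    results = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        req = parse_line(line)
        action, reasons = policy.evaluate(req)
        results.append((req.user, req.app, req.country, action, reasons))
    return results


if __name__ == "__main__":
    for user, app, country, action, reasons in run(SAMPLE_LOG):
        print(f"{user:6} {app:8} {country}  -> {action:8} {'; '.join(reasons)}")
```

On the constructed log, alice's sign-in from the US is pushed as usual, her request from an unfamiliar country is suppressed, and bob's sixth request within two minutes is suppressed as a burst even though the location is familiar. In a real deployment the location baseline and the burst threshold would come from the identity provider's own risk signals rather than static tables, and the suppressed request still completes normally if the user opens the app and enters the code shown with the app name and location.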

In the past two months, the security feature has successfully blocked over 6 million unnecessary passwordless and MFA notifications. Microsoft claims that most of these blocked alerts originated from notifications initiated by threat actors.