Microsoft is improving multi-factor authentication by reducing the number of notifications

  • November 8, 2023

Microsoft is making its multi-factor authentication more secure by controlling when and how notifications are displayed. This is intended, among other things, to prevent MFA fatigue.

Microsoft is changing how multi-factor authentication (MFA) works in its Authenticator app in order to prevent MFA fatigue, a phenomenon where users receive so many MFA notifications that they simply click “yes” without thinking twice. Cybercriminals abuse this behavior by spamming targets with authentication requests until they click “yes” to stop the notifications.
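The prompt-spamming pattern described above is visible in authentication logs. The following Python example is an addition to this article, not code from Microsoft or IT Daily; the event layout, result names, threshold and time window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real sign-in logs): (ISO time, user, push result).
# The field layout and result names are assumptions made for this example.
SAMPLE_EVENTS = [
    ("2023-11-08T09:00:05", "alice", "approved"),   # normal single sign-in
    ("2023-11-08T02:10:00", "bob", "denied"),
    ("2023-11-08T02:10:40", "bob", "timeout"),
    ("2023-11-08T02:11:15", "bob", "denied"),
    ("2023-11-08T02:12:00", "bob", "timeout"),
    ("2023-11-08T02:12:30", "bob", "denied"),
    ("2023-11-08T02:13:20", "bob", "timeout"),
    ("2023-11-08T02:13:40", "bob", "approved"),     # user gives in after six prompts
    ("2023-11-08T03:00:00", "carol", "denied"),
    ("2023-11-08T03:01:00", "carol", "denied"),
    ("2023-11-08T03:02:00", "carol", "denied"),
    ("2023-11-08T03:03:00", "carol", "denied"),
    ("2023-11-08T03:04:00", "carol", "denied"),     # burst that was never approved
    ("2023-11-08T08:00:00", "dave", "denied"),
    ("2023-11-08T12:00:00", "dave", "denied"),      # isolated denials, hours apart
]


def find_fatigue_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Flag users who received `threshold` or more unapproved push prompts within
    `window`; `approved_after` is True when such a burst ended in an approval."""
    recent = defaultdict(deque)  # user -> times of unapproved prompts still in the window
    alerts = {}
    for ts, user, result in sorted(events):
        now = datetime.fromisoformat(ts)
        queue = recent[user]
        while queue and now - queue[0] > window:
            queue.popleft()                      # forget prompts older than the window
        if result == "approved":
            if len(queue) >= threshold:
                alerts[user]["approved_after"] = True  # burst ended with a "yes"
            queue.clear()
            continue
        queue.append(now)                        # denied, timed out or otherwise unapproved
        if len(queue) >= threshold:
            alert = alerts.setdefault(
                user, {"user": user, "prompts": 0, "approved_after": False})
            alert["prompts"] = max(alert["prompts"], len(queue))
    return sorted(alerts.values(), key=lambda a: a["user"])


if __name__ == "__main__":
    for alert in find_fatigue_bursts(SAMPLE_EVENTS):
        print(alert)
```

A burst with `approved_after` set is the case to triage first, because it means the account holder eventually accepted a prompt after a run of rejected or ignored ones.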

No more spam

To prevent this, the Authenticator app on the smartphone no longer sends notifications about unusual login attempts. For example, if someone from deepest Russia suddenly wants to log into your account, you won’t receive a push notification for that MFA request. Instead, Microsoft expects you to proactively open the app and approve the request there yourself. Anyone who logs in from an unexpected location will see a message on their computer asking them to open the Authenticator app themselves.

The request that then appears in the app has also been slightly adjusted. From now on, Microsoft will provide a map showing where the request came from. If you see China or Russia while lying on the couch in Kempen, it is a visual indication that something may be wrong.

Additional policy for Entra ID

Microsoft is also working on a broader rollout of MFA for its users. Privileged administrator accounts in Microsoft Entra ID Premium Plan 1 and 2 will be prompted to set up MFA when visiting management portals such as Azure or Microsoft 365. You can still opt out, but Microsoft plans to require MFA for increasingly sensitive features.

Microsoft also requires MFA to access cloud applications for customers running the older custom version of MFA. In any case, Microsoft prefers that this implementation be replaced by Conditional Access. Finally, Microsoft Entra ID Premium Plan 2 allows administrators to require MFA for high-risk login attempts.

Big impact, little effort

Stolen or cracked account information is one of the most important vectors for attackers. MFA can prevent the misuse of such data in more than 90 percent of cases. No technology has a more immediate or greater impact on your security posture. Microsoft therefore hopes to convince all of its business customers to use MFA at some point. Today only 37 percent do so, but the proportion of new users is increasing faster. Microsoft began requiring MFA for consumers back in 2013, and as expected, abuse of these accounts dropped dramatically.

Source: IT Daily
