Dejkala
No Result
View All Result
  • Home
  • Tech
  • Banking & loan
  • Games
  • Car’s & Bike’s
  • Home
  • Tech
  • Banking & loan
  • Games
  • Car’s & Bike’s
No Result
View All Result
Dejkala
No Result
View All Result
Home Latest update

Microsoft Authenticator gains feature to thwart spam attacks on MFA- Dejkala

by hasibul
October 28, 2022
in Latest update
0
Microsoft Authenticator gains feature to thwart spam attacks on MFA- Dejkala
0
VIEWS
Share on FacebookShare on Twitter


iphone-users

Image: Getty Images/MoMo Productions

Microsoft has rolled out ‘number matching’ in push notifications for its multi-factor authentication (MFA) app Microsoft Authenticator.

The new advanced feature is generally available in Microsoft Authenticator and should help counter attacks on MFA that rely on push notification spam.

Researchers earlier this year spotted so-called ‘MFA fatigue attacks’ on Office 365 users, where attackers repeatedly trigger MFA push notifications while trying to log in to a victim’s account with an already compromised password. The attacker hopes at some point the victim is worn down or distracted enough by the notifications to accidentally approve the login attempt.

Also: iPhone 14 Pro vs. iPhone 13 Pro: Is the newest iPhone worth the upgrade?

With number matching enabled, the Authenticator app requires the user to type in the number displayed on the sign-on screen when approving an MFA request rather than just hitting ‘approve’. This is going to be a handy feature for admins whose users have been caught out by this attack on MFA.

For now, admins can enable number matching in Authenticator, but Microsoft plans to make it the default for all Authenticator users in February 2023, according to Alex Weinert, Microsoft’s VP director of identity security.

Admins can also use configure Authenticator to use location context and application context to prevent accidental approvals. 

Microsoft has published instructions for configuring number matching, which can be enabled by group or other filters, and notes that number matching isn’t supported on Apple Watch notifications. The admin roll out controls will be removed after number matching becomes the default for the Authenticator app.

Also, now Authenticator on iOS uses App Transport Security (ATS), a security feature Apple introduced in iOS 9 in 2015 to enforce secure connections over the internet. However, ATS needs to be enabled by app developers and researchers in 2019 found that 67% of 30,000 scanned apps had ATS completely disabled.

Microsoft Authenticator: number matching

Image: Microsoft


Related

ShareTweetShare

Related Posts

Why I replaced my $40 multimeter with “smart” measuring tools- Dejkala
Latest update

Why I replaced my $40 multimeter with “smart” measuring tools- Dejkala

March 23, 2023
InMotion Hosting review: Everything you need to host a website- Dejkala
Latest update

InMotion Hosting review: Everything you need to host a website- Dejkala

March 23, 2023
FTC wants to make it easier for you to cancel subscriptions- Dejkala
Latest update

FTC wants to make it easier for you to cancel subscriptions- Dejkala

March 23, 2023
Diablo 4 might brick your RTX 3080 Ti graphics card- Dejkala
Latest update

Diablo 4 might brick your RTX 3080 Ti graphics card- Dejkala

March 23, 2023
Montenegro's Interior Minister Filip Adzic says Terraform Labs co-founder Do Kwon has been arrested at the Podgorica airport with falsified documents (CoinDesk)- Dejkala
Latest update

Montenegro's Interior Minister Filip Adzic says Terraform Labs co-founder Do Kwon has been arrested at the Podgorica airport with falsified documents (CoinDesk)- Dejkala

March 23, 2023
How and where to buy refurbished tech online- Dejkala
Latest update

How and where to buy refurbished tech online- Dejkala

March 23, 2023
Next Post
A look at the ongoing Qualcomm-Arm legal dispute, as Qualcomm claims Arm plans to stop licensing its CPUs to semiconductor companies after 2024 (Dylan Patel/SemiAnalysis)- Dejkala

A look at the ongoing Qualcomm-Arm legal dispute, as Qualcomm claims Arm plans to stop licensing its CPUs to semiconductor companies after 2024 (Dylan Patel/SemiAnalysis)- Dejkala

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Categories

  • Earn Money Online
  • Game news and review
  • Laptops
  • Latest update
  • Smartphone Reviews & News
  • TODAY Tech News
  • Upcoming Technology
  • Wordpress plugin
  • WordPress themes
  • World Wide Bike Reviews and News
  • World Wide Car News

Recommended

Firms fear software stack breach as attack surface widens- Dejkala

Firms fear software stack breach as attack surface widens- Dejkala

February 1, 2023
Apple reports a record Mac revenue of $11.5B in Q4, up 25% YoY, with nearly half of customers being new to the device, but expects it to decline in Q1 2023 (Andrew Orr/AppleInsider)- Dejkala

Apple reports a record Mac revenue of $11.5B in Q4, up 25% YoY, with nearly half of customers being new to the device, but expects it to decline in Q1 2023 (Andrew Orr/AppleInsider)- Dejkala

October 27, 2022
Epic Games agrees to pay the FTC $520M to resolve two complaints over allegedly breaking kids' online privacy rules and tricking users into unintended purchases (Wall Street Journal)- Dejkala

Epic Games agrees to pay the FTC $520M to resolve two complaints over allegedly breaking kids' online privacy rules and tricking users into unintended purchases (Wall Street Journal)- Dejkala

December 19, 2022
Black market fears are hampering cannabis waste recycling efforts in California- Dejkala

Black market fears are hampering cannabis waste recycling efforts in California- Dejkala

November 16, 2022
A look at India's pilots for a retail and wholesale CBDC, planned for a national launch by the end of 2023, and differentiating the project from the UPI system (Amitoj Singh/CoinDesk)- Dejkala

A look at India's pilots for a retail and wholesale CBDC, planned for a national launch by the end of 2023, and differentiating the project from the UPI system (Amitoj Singh/CoinDesk)- Dejkala

February 8, 2023
Asus ROG Strix X670-E Gaming WiFi review: Everything a gamer needs- Dejkala

Asus ROG Strix X670-E Gaming WiFi review: Everything a gamer needs- Dejkala

November 23, 2022
Why I replaced my $40 multimeter with “smart” measuring tools- Dejkala

Why I replaced my $40 multimeter with “smart” measuring tools- Dejkala

March 23, 2023
InMotion Hosting review: Everything you need to host a website- Dejkala

InMotion Hosting review: Everything you need to host a website- Dejkala

March 23, 2023
FTC wants to make it easier for you to cancel subscriptions- Dejkala

FTC wants to make it easier for you to cancel subscriptions- Dejkala

March 23, 2023

Categories

  • Earn Money Online
  • Game news and review
  • Laptops
  • Latest update
  • Smartphone Reviews & News
  • TODAY Tech News
  • Upcoming Technology
  • Wordpress plugin
  • WordPress themes
  • World Wide Bike Reviews and News
  • World Wide Car News

Pages

  • About Us
  • Banking & loan
  • Car’s & Bike’s
  • Contact Us
  • Games
  • Home
  • Home 2
  • Privacy Policy
  • Tech

© 2022 Dejkala

No Result
View All Result
  • Homepages
    • Home – Layout 1
    • Home – Layout 2

© 2022 Dejkala